---
title: "Cyber Security News Update, Week 38 of 2021 | DuoCircle"
description: "A global cybersecurity firm reported that one-third of suspicious emails marked by employees were indeed malicious ones that may have attempted to phish the."
image: "https://www.duocircle.com/images/og-default.png"
canonical: "https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/"
---

Quick Answer

Cybersecurity headlines for the week of September 17, 2021\. Threat actors are using malicious Microsoft Office documents that abuse macros and CVE-2021-40444 in MSHTML to drop Cobalt Strike beacons. Private-equity firm AnaCap announced a major investment in identity-verification provider WebID. Tesla Full Self-Driving beta software was leaked between community testers, raising IP and safety concerns. Google patched 40 Chrome vulnerabilities, including two zero-days under active exploitation (CVE-2021-30632 and CVE-2021-30633). Corporate phishing email volumes climbed, with credential harvesting overtaking malware delivery. Germany accused Russia's Ghostwriter group of phishing parliament members ahead of national elections.

Share 

[ ](https://www.linkedin.com/sharing/share-offsite/?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-38-of-2021%2F "Share on LinkedIn") [ ](https://twitter.com/intent/tweet?text=Cyber%20Security%20News%20Update%2C%20Week%2038%20of%202021&url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-38-of-2021%2F "Share on X/Twitter") [ ](https://www.facebook.com/sharer/sharer.php?u=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-38-of-2021%2F "Share on Facebook") [ ](https://reddit.com/submit?url=undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-38-of-2021%2F&title=Cyber%20Security%20News%20Update%2C%20Week%2038%20of%202021 "Share on Reddit") [ ](mailto:?subject=Cyber%20Security%20News%20Update%2C%20Week%2038%20of%202021&body=Check out this article: undefined%2Fblog%2Fannouncements%2Fcyber-security-news-update-week-38-of-2021%2F "Share via Email") 

![cybersecurity](https://media.mailhop.org/duocircle/images/2021/09/sender-policy-framework.jpg) 

_A global cybersecurity firm reported that one-third of suspicious emails marked by employees were indeed malicious ones_ that may have attempted to phish the users of their PII (Personally Identifiable Information) and other critical organizational information. This indicates how crucial cybersecurity [awareness training](/phishing-awareness-training) can prove to be in tackling the global menace of growing cybercrime. Here are this week’s cyber news headlines that cover a tech giant **patching critical vulnerabilities**, one country blaming another for launching cyberattacks against them, and more.

## Beware of MS Office Documents From Scammers

_Microsoft has recently released a warning message for users to beware of malicious Office documents that adversaries are circulating_ by exploiting a [zero-day vulnerability](https://thehackernews.com/2021/09/new-0-day-attack-targeting-windows.html) in Internet Explorer. The vulnerability has been dubbed CVE-2021-40444 and has a **severity score of 8.8**. Microsoft is now investigating the remote code execution flaw in MSHTML (the proprietary browser engine for Internet Explorer), which the attackers exploit to create a malicious ActiveX control and embed it in an MS Office document. _The vulnerability is more likely to affect user accounts operating with administrative user rights_.

[![zero-day vulnerability](https://media.mailhop.org/duocircle/images/2021/09/sender-policy-framework-8163.jpg)](https://media.mailhop.org/duocircle/images/2021/09/sender-policy-framework-8163.jpg)

Cybersecurity researchers from Mandiant and EXPMON first identified this highly sophisticated [zero-day vulnerability](https://www.phishprotection.com/content/zero-day-attacks/). EXPMON tweeted about the same, adding that the adversaries exploited logical flaws that make the malicious documents seem reliable. However, _users who run MS Office with default configurations remain unaffected by this flaw_ because, in such cases, web downloads are opened in Protected View. Once its investigations are over, Microsoft will likely release the patch for the vulnerability either as part of the Patch Tuesday release or as an out-of-band patch. Meanwhile, _users must disable ActiveX controls in Internet Explorer to ensure **threat protection**_.

## AnaCap Makes Huge Investment In WebID

_A significant cybersecurity investment should not go unnoticed_, and therefore, AnaCap Financial Partners’ latest investment in WebID must not go unreported. AnaCap is a leading specialist in technology-led financial services who [made a major investment](https://www.finextra.com/pressarticle/89165/anacap-announces-majority-investment-in-digital-id-provider-webid) in the leading German digital identification provider, WebID. AnaCap’s interest and investments will make WebID product listings reach a broader customer base across industries like eCommerce, eGovernment, eMobility, and eHealth. _WebID provides a host of cybersecurity tools_ for KYC purposes like AI-powered identification, online banking, video call verification, eSigning through qualified electronic signature (QES) solutions, etc.

Being a facilitator of the shift from offline to online functioning, _WebID digitalizes people’s lives and makes things convenient and eco-friendly._ WebID is already in a thriving position, and AnaCap’s implementation of the buy-and-build strategy promises to manage and support the next stage of WebID’s growth. WebID perceives AnaCap’s investment as a merger of two like-minded entities that shall help WebID enhance and expand its hitherto organic growth.

## Tesla’s FSD Beta Software Leaks Among Community Members

_Cybersecurity issues with Tesla often make it to the headlines_. Despite the preventive measures adopted by them, their Full Self-Driving (FSD) [Beta software was recently leaked](https://electrek.co/2021/09/07/tesla-tsla-full-self-driving-beta-software-leaked/) and circulated among the Tesla hacking community. Fortunately, _the malicious actors did not have any malicious intentions and were Tesla car owners who just wanted to try the software_. The Tesla FSD Beta software was accessible only to a few customers as part of the early access program. This disappointed some customers as they had **paid up to $10,000** to get early access to the Full Self-Driving package.

Reports indicate that the FSD Beta software has leaked and passed on among the Tesla root access community. _The root community is trying to limit the access of the Beta software_ despite people trying to purchase the leak.

## Google Patches Forty Vulnerabilities

The system updates are significant to ensure [ransomware protection](/email-security/5-ways-you-protect-your-business-from-ransomware/), particularly for our mobile phones, as all our financial and other accounts are logged in here. The September issue of Google’s Android Security Bulletin comes with patches for [40 such vulnerabilities](https://www.securityweek.com/google-android-security-update-patches-40-vulnerabilities) in Android devices of which seven have been rated critical. These include vulnerabilities in:

- **Framework component:** One critical issue dubbed CVE-2021-0687 was patched in the Framework component. Affecting Android 8.1, 9, 10, and 11, this flaw could cause adversaries to deny service in user devices permanently. _Six more high-severity vulnerabilities were also patched in the Framework component_.
- **Media framework**: _Patches were released for two high severity vulnerabilities_ in the media framework causing information disclosure issues.
- **System component**: _The update patched six high-severity and one medium-severity vulnerability in the system component_. These were a mix of elevation of privilege and information disclosure issues.
- **Other components**: The other components which received patches include MediaTek components, Kernel components, Qualcomm closed-source components, Unisoc components, and Qualcomm components. _Twenty-three vulnerabilities were patched in all these components combined_.

The September patch also fixed an issue in Google Play dubbed CVE-2021-0690\. Users who haven’t yet updated their systems need to do so immediately before adversaries exploit any of the vulnerabilities.

## Corporate Phishing Emails on The Rise

[![Email security](https://media.mailhop.org/duocircle/images/2021/09/spf-record-tester-9176.jpg)](https://media.mailhop.org/duocircle/images/2021/09/spf-record-tester-9176.jpg)

_It is an undisputed fact that emails are the most commonly used means of launching **phishing attacks**_. A recent report by F-Secure shows that over [one-third of emails flagged](https://www.f-secure.com/en/press/p/a-third-of-suspicious-emails-reported-by-employees-are-phishing) as ‘suspicious’ by employees were indeed **phishing emails**. Organizations over the globe have been imparting [cybersecurity training](/phishing-awareness-training) sessions to ensure [email security](/) and _prepare their employees to detect phishing emails_.

Fortunately, these training sessions are helping, and _F-Secure’s report highlights that more than 200,000 emails marked as suspicious by employees were actually malicious_. Cybersecurity teams are reportedly receiving a lot more **phishing email** alerts from employees now than a year ago. The NCSC alone removed **1.4 million malicious links** embedded in emails last year, and this figure is higher than the combined total of the previous three years.

The adversaries usually target corporate networks because winning over one employee email account can enable them to access all systems, launch [BEC attacks](/email-security/top-strategies-to-avoid-business-email-compromise-and-upgrade-email-security/), or deploy ransomware. The F-Secure report also mentioned that some of the most frequently occurring phrases in phishing emails reported by employees include “Your funds have,” “Warning,” or “Message is for a trusted.”

## German Government Being Targeted by Russian Threat Actors

_The German parliament has called upon the Russian government to take action to end the Russian threat actor-groups-led cybersecurity breaches_ targeting the [German government](https://www.thenationalnews.com/world/europe/2021/09/06/germany-blames-russia-for-cyber-attack-weeks-from-election-day/). Germany accuses Russia of launching a renewed cyber attack on the nation, and this accusation is backed by reliable information.

A group called, Ghostwriter is supposedly behind the nefarious activities to obtain PII of politicians ahead of the federal election later this month to launch [identity theft scams](/phishing-protection/recognizing-online-identity-thefts-and-how-enterprises-can-ensure-identity-theft-protection-for-their-employees/) against them. Allegedly, state threat actors of Russia or its GRU military intelligence have been said to be behind the attack(s).

## Topics

NewsSecurityUpdates 

![Brad Slavin](https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg) 

Brad Slavin 

General Manager

General Manager at DuoCircle. Product strategy and commercial lead across the email security portfolio.

## Secure your email infrastructure

Protect, authenticate, and deliver. Contact our team to find the right solution.

[Contact Sales](/contact/) [Explore Products](/products/) 

## Related Articles

[  News 3m  Alert: Fix SPF & DKIM Settings For Your Email Forwarding Set Up Through Microsoft o365 SMTP Server Or Your Emails May End Up In Spam  Jul 20, 2021 ](/blog/announcements/alert-fix-spf-dkim-settings-for-your-email-forwarding-set-up-through-microsoft-o365-smtp-server-or-your-emails-may-end-up-in-spam/)[  News 6m  Cyber Security News Update, Week 1 of 2022  Jan 7, 2022 ](/blog/announcements/cyber-security-news-update-week-1-of-2022/)[  News 7m  Cybersecurity News Update, Week 1 of 2023  Jan 1, 2023 ](/blog/announcements/cyber-security-news-update-week-1-of-2023/)[  News 5m  EasyPark Data Breach, Ohio Lottery Cyberattack, GTA 5 Leak, Cybersecurity News \[December 25, 2023\]  Jan 4, 2024 ](/blog/announcements/cyber-security-news-update-week-1-of-2024/)

```json
{"@context":"https://schema.org","@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}],"sameAs":["https://www.linkedin.com/company/duocircle","https://x.com/duocirclellc","https://www.facebook.com/duocirclellc","https://www.g2.com/products/phish-protection-by-duocircle/reviews","https://github.com/duocircle","https://www.crunchbase.com/organization/duocircle-llc"],"contactPoint":{"@type":"ContactPoint","contactType":"customer support","url":"https://support.duocircle.com"},"knowsAbout":["Email Security","Email Authentication","SPF","DKIM","DMARC","Phishing Protection","Spam Filtering","SMTP Relay","Email Deliverability","Email Forwarding"]}
```

```json
{"@context":"https://schema.org","@type":"WebSite","name":"DuoCircle LLC","url":"https://www.duocircle.com","description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]}}
```

```json
[{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 38 of 2021","description":"A global cybersecurity firm reported that one-third of suspicious emails marked by employees were indeed malicious ones that may have attempted to phish the.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/","datePublished":"2021-09-17T17:52:13.000Z","dateModified":"2025-05-06T13:45:24.000Z","dateCreated":"2021-09-17T17:52:13.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1078,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/09/sender-policy-framework.jpg","caption":"cybersecurity","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}},{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":2,"name":"News"},{"@type":"ListItem","position":3,"name":"Cyber Security News Update, Week 38 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/"}]}]
```

```json
{"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https://www.duocircle.com/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https://www.duocircle.com/blog/"},{"@type":"ListItem","position":3,"name":"News","item":"https://www.duocircle.comundefined"},{"@type":"ListItem","position":4,"name":"Cyber Security News Update, Week 38 of 2021","item":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/"}]}
```

```json
{"@context":"https://schema.org","@type":"BlogPosting","headline":"Cyber Security News Update, Week 38 of 2021","description":"A global cybersecurity firm reported that one-third of suspicious emails marked by employees were indeed malicious ones that may have attempted to phish the.","url":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/","datePublished":"2021-09-17T17:52:13.000Z","dateModified":"2025-05-06T13:45:24.000Z","dateCreated":"2021-09-17T17:52:13.000Z","author":{"@type":"Person","@id":"https://www.duocircle.com/authors/brad-slavin/#person","name":"Brad Slavin","url":"https://www.duocircle.com/authors/brad-slavin/","jobTitle":"General Manager","description":"Brad Slavin runs DuoCircle, the company behind DMARC Report, AutoSPF, Phish Protection, and Mailhop. His focus is product strategy, customer relationships, and the commercial and compliance side of email authentication (DPAs, SLAs, enterprise procurement).","image":"https://media.mailhop.org/dmarcreport/images/team/brad-slavin.jpg","knowsAbout":["Email Security Strategy","SaaS Product Management","Enterprise Compliance","Customer Success","Email Deliverability Business"],"worksFor":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com"},"sameAs":["https://www.linkedin.com/in/bradslavin"]},"publisher":{"@type":"Organization","name":"DuoCircle LLC","url":"https://www.duocircle.com","logo":{"@type":"ImageObject","url":"https://www.duocircle.com/images/duocircle-logo.png"},"description":"DuoCircle is a portfolio of specialized email products covering protection, authentication, delivery, and routing. We deliver about 90% of category-leader capability at roughly half the price, backed by experts who own the outcome. Trusted by 50,000+ organizations since 2014.","subOrganization":[{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138898167","name":"DMARC Report","url":"https://dmarcreport.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897474","name":"AutoSPF","url":"https://autospf.com"},{"@type":"Organization","@id":"https://www.wikidata.org/wiki/Q138897912","name":"Phish Protection","url":"https://www.phishprotection.com"}]},"mainEntityOfPage":{"@type":"WebPage","@id":"https://www.duocircle.com/blog/announcements/cyber-security-news-update-week-38-of-2021/"},"articleSection":"announcements","keywords":"News, Security, Updates","wordCount":1078,"image":{"@type":"ImageObject","url":"https://media.mailhop.org/duocircle/images/2021/09/sender-policy-framework.jpg","caption":"cybersecurity","width":900,"height":600},"speakable":{"@type":"SpeakableSpecification","cssSelector":[".answer-block","h1"]}}
```