August 12, 2022
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim’s network. This allows the threat actors to deploy highly targeted attacks that are more difficult to detect and stop because of the social engineering component.
July 14, 2022
Title and closing industry professionals reflect on the aftermath of the Cloudstar ransomware attack. Nearly a year has passed since the Cloudstar ransomware attack and Stephen Millstein says he still feels “something like PTSD” whenever he thinks about what went down that dreadful mid-July weekend.
A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks. Like most ransomware operations launching today, Lilith performs double-extortion attacks, in which the threat actors steal data before encrypting devices.
Amazon has confirmed and fixed a vulnerability in its Photos app for Android, which has been downloaded over 50 million times on the Google Play Store. Amazon Photos is an image and video storage application that enables users to seamlessly share their snaps with up to five family members, offering powerful management and organization features.
July 5, 2022
While people were celebrating the Fourth of July holiday in the United States, Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability, the fourth such flaw the vendor has had to patch in its browser product so far this year.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has removed a Windows security flaw from its catalog of known exploited vulnerabilities due to Active Directory (AD) authentication issues caused by the May 2022 updates that patch it. This security bug is an actively exploited Windows LSA spoofing zero-day tracked as CVE-2022-26925, confirmed as a new PetitPotam Windows NTLM Relay attack vector.