Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
FBI: BlackByte ransomware breached US critical infrastructure
February 15, 2022
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. "As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).," the federal law enforcement agency said. Read more >>>
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
January 14, 2022
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users. WESTprotect recommends organizations analyze emails for signs of phishing, maintain a robust security awareness program, and implement network monitoring tools that can identify malicious activity. Read more >>>
State hackers use new PowerShell backdoor in Log4j attacks
January 12, 2022
Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. The modular payload can handle C2 communications, perform system enumeration, and eventually receive, decrypt, and load additional modules. Read more >>>
New RedLine Malware Version Spread As Fake Omicron Stat Counter
January 12, 2022
A new variant of the RedLine info-stealer is distributed via emails using a fake COVID-19 Omicron stat counter app as a lure. RedLine is a widespread commodity malware sold to cyber-criminals for a couple of hundred USD. It supplies dark web markets with over half of the stolen user credentials sold to other threat actors. Read more >>>
FBI system hacked to email 'urgent' warning about fake cyberattacks
November 15, 2021
The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email, impersonating FBI warnings that the recipients' network was breached and data was stolen. The emails pretended to warn about a "sophisticated chain attack" from an advanced threat actor known, who they identify as Vinny Troia. Troia is the head of security research of the dark web intelligence companies NightLion and Shadowbyte. Read more >>>
This new phishing attack features a weaponized Excel file
November 15, 2021
A new phishing campaign targets employees in financial services using links that download a 'weaponized' Excel document. The phishing campaign, dubbed MirrorBlast, was detected by security firm ET Labs in early September. The Excel files could bypass malware-detection systems because they contain "extremely lightweight" embedded macros, making them "particularly dangerous" for organizations dependent on detection-based security and sandboxing. Read more >>>
