Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Sendgrid Under Siege from Hacked Accounts
August 31, 2020
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime. Read more >>>
5 Cyber Security Risks and Issues You'd Be a Fool to Ignore
August 31, 2020
Every single day, over 350,000 pieces of new malware are detected. Competing with this is difficult but staying on top of cyber security risks is vital for your business. A data breach can cost a fortune and if you are attacked, you could lose days, weeks, or even months of work. Could your business survive this? Read more >>>
DarkSide Ransomware hits North American real estate developer
August 26, 2020
North American land developer and homebuilder Brookfield Residential is the first victim of the new DarkSide Ransomware. DarkSide will breach a network and spread laterally between devices while stealing unencrypted data. Upon gaining access to a Windows domain controller, the threat actors deploy ransomware throughout the network. As part of their extortion strategy, DarkSide will create an entry for each victim whose data has been stolen on their data leak site. Read more >>>
Hackers have increased their attacks against streaming companies, as research has shown that phishing URLs which include Netflix, HBO, YouTube, and Twitch has risen dramatically. Phishing is an attempt to steal sensitive information such as usernames, passwords, credit card numbers, bank account details and other personal data. Read more >>>
Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Sophisticated skimming attacks like Magecart have incorporated favicons before and impacted well-known companies like Claire's, Tupperware, Smith & Wesson, Macy's, and British Airways. Being mere images, favicons give off the impression they are innocuous. But attackers find ways to abuse the associated metadata within these files for sinister purposes. Read more >>>
Hackers can abuse Microsoft Teams updater to install malware
August 6, 2020
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location. Previous efforts from Microsoft to eliminate this hazard work to an extent but cannot stop attackers from abusing Teams to plant and run their payloads. A patch for the new method is unlikely to emerge. Read more >>>
