Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Interpol: Lockbit ransomware attacks affecting American SMBs
August 5, 2020
American medium-sized companies are actively targeted by LockBit ransomware operators according to an Interpol report on the impact the COVID-19 pandemic had on cybercrime around the world. The report was produced by Interpol's Cybercrime Directorate and it includes data from 48 Interpol member countries and 4 private partners, as well as info and analysis from Interpol's Cybercrime Threat Response (CTR) unit and its Cyber Fusion Centre (CFC). Read more >>>
The U.S. Federal Bureau of Investigation (FBI) has warned private industry partners of increased security risks impacting computer network infrastructure because of devices still running Windows 7 after the operating system reached its end of life on January 14. "The FBI has observed cybercriminals targeting computer network infrastructure after an operating system achieves end of life status," the FBI said in a private industry notification (PIN) issued yesterday. Read more >>>
An Office 365 phishing campaign abused Google Ads to bypass secure email gateways (SEGs), redirecting employees of targeted organizations to phishing landing pages and stealing their Microsoft credentials. The attackers behind these attacks took advantage of the fact that the domains used by Google's Ads platform are overlooked by SEGs, which allows them to deliver their phishing messages to their targets' inboxes bypassing email filters. Read more >>>
Fifteen out of 28 desktop PDF viewer applications are vulnerable to a new attack that lets malicious threat actors modify the content of digitally signed PDF documents. The list of vulnerable applications includes Adobe Acrobat Pro, Adobe Acrobat Reader, Perfect PDF, Foxit Reader, PDFelement, and others, according to new research [PDF] published this week by academics from the Ruhr-University Bochum in Germany. Read more >>>
Cybercriminals are abusing cloud services, such as Google Cloud Services, to arrange a phishing campaign aimed at stealing Office 365 logins. Check Point reports attackers relied on Google Drive to host a malicious PDF document and Google’s "storage[.]googleapis[.]com" to host the phishing page. The page is designed to trick victims into providing their Office 365 logins or organization e-mail. WESTptotect recommendations include educating staff on phishing and not clicking on unknown links. Read more >>>
It's estimated around one billion online records have been exposed in a massive data breach, potentially affecting more than 20 million users of free Virtual Private Network (VPN) apps. vpnMentor cybersecurity researchers claim they found an unsecured server shared by several VPNs - software designed to protect users' privacy by hiding their identities. Read more >>>
