Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Microsoft Office 365 users are targeted by a new phishing campaign using fake Zoom notifications to warn those who work in corporate environments that their Zoom accounts have been suspended. This Phishing campaign impersonating automated Zoom account suspension alerts has landed in over 50,000 mailboxes with the end goal of stealing Office 365 logins. WESTprotect recommends you use extra caution before clicking suspicious links and ensure patches are up-to-date. Read more >>>
Researchers from cybersecurity firm, ACROS Security, have disclosed a zero-day vulnerability in the Windows client of the popular Zoom video conferencing platform. The vulnerability is a remote code execution issue that allows the targeted user to perform some typical action such as opening a document file without any warning being shown. We recommend that you apply the latest patches available immediately to protect from known security risks. Read more >>>
The threat actor behind the Joker Android malware has once again succeeded at slipping spyware infected apps onto the Play Store, Google's official Android app store. Joker malware, a spyware and premium dialer tool, also known as Bread was originally designed to perform SMS fraud on infected Android apps. More recently, Joker's creators have moved to new tactics after Google introduced Play Store policies that restrict the use of SEND_SMS permissions and increase Google Play protects coverage. Read more >>>
University of California San Francisco ("UCSF") admitted having paid roughly $1.14 million to cybercriminals to recover data encrypted during a ransomware attack that took place in June. Threat actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible. Read more >>>
Turn on MFA Before Crooks Do It For You
June 23, 2020
Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident. Read more >>>
When Security Takes a Backseat to Productivity
June 18, 2020
“We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change.” -CIA’s Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. Read more >>>
