Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Ransomware gangs move to 'callback' social engineering attacks
August 12, 2022
At least three groups split from the Conti ransomware operation have adopted BazarCall phishing tactics as the primary method to gain initial access to a victim’s network. This allows the threat actors to deploy highly-targeted attacks that are more difficult to detect and stop because of the social engineering component. Read more >>>
Cisco on Wednesday rolled out patches to address eight security vulnerabilities, three of which could be weaponized by an unauthenticated attacker to gain remote code execution (RCE) or cause a denial-of-service (DoS) condition on affected devices. Read more >>>
A new large-scale phishing campaign targeting credentials for Microsoft email services use a custom proxy-based phishing kit to bypass multi-factor authentication. Researchers believe the campaign's goal is to breach corporate accounts to conduct BEC attacks, diverting payments to bank accounts under their control using falsified documents. The phishing campaign's targets include fin-tech, lending, accounting, insurance, and Federal Credit Union organizations in the US. Read more >>>
Reckoning with the Cloudstar attack, one year later
July 14, 2022
Title and closing industry professionals reflect on the aftermath of the Cloudstar ransomware attack. Nearly a year has passed since the Cloudstar ransomware attack and Stephen Millstein says he still feels “something like PTSD” whenever he thinks about what went down that dreadful mid-July weekend. Read more >>>
A new ransomware operation has been launched under the name 'Lilith,' and it has already posted its first victim on a data leak site created to support double-extortion attacks. Like most ransomware operations launching today, Lilith performs double-extortions attacks, which is when the threat actors steal data before encrypting devices. Read more >>>
A new Android malware family on the Google Play Store that secretly subscribes users to premium services was downloaded over 3,000,000 times. The malware, named 'Autolycos,' was discovered to be in at least eight Android applications The two apps still available are named 'Funny Camera' by KellyTech, which has over 500,000 installations, and 'Razer Keyboard Theme' by rxcheldiolola, which counts over 50,000 installs on the Play Store. Read more >>>
