Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) warned US organizations that data wiping attacks targeting Ukraine could spill over to targets from other countries. The two federal agencies issued this warning in the form of a joint cybersecurity advisory published over the weekend following the unwarranted Russian invasion of Ukraine. Read more >>>
Hackers slip into Microsoft Teams chats to distribute malware
February 17, 2022
Security researchers warn that some attackers are compromising Microsoft Teams accounts to slip into chats and spread malicious executables to participants in the conversation. Researchers found that hackers started to drop malicious executable files in conversations on Microsoft Teams communication platform. The attacks started in January, the threat actor inserts in a chat an executable file called “User Centric” to trick the user into running it. Read more >>>
FBI: BlackByte ransomware breached US critical infrastructure
February 15, 2022
The US Federal Bureau of Investigation (FBI) revealed that the BlackByte ransomware group has breached the networks of at least three organizations from US critical infrastructure sectors in the last three months. "As of November 2021, BlackByte ransomware had compromised multiple US and foreign businesses, including entities in at least three US critical infrastructure sectors (government facilities, financial, and food & agriculture).," the federal law enforcement agency said. Read more >>>
Google Chrome emergency update fixes zero-day exploited in attacks
February 15, 2022
Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, to fix a high-severity zero-day vulnerability used by threat actors in attacks. "Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild," Google said in a security advisory released today. Read more >>>
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
January 14, 2022
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users. WESTprotect recommends organizations analyze emails for signs of phishing, maintain a robust security awareness program, and implement network monitoring tools that can identify malicious activity. Read more >>>
State hackers use new PowerShell backdoor in Log4j attacks
January 12, 2022
Hackers believed to be part of the Iranian APT35 state-backed group (aka 'Charming Kitten' or 'Phosphorus') has been observed leveraging Log4Shell attacks to drop a new PowerShell backdoor. The modular payload can handle C2 communications, perform system enumeration, and eventually receive, decrypt, and load additional modules. Read more >>>
