Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Qbot uses a new email collector module in the latest campaign
September 1, 2020
QBot Trojan operators are using new tactics in their campaign to hijack legitimate email conversations to steal sensitive data from the victims. Delivered by spam messages that contain URLs to .ZIP files that serve content designed to download the payload from one of six hardcoded encrypted URLs. WESTprotect recommends that you be wary of unexpected emails that contain links or attachments. Read more >>>
Sendgrid Under Siege from Hacked Accounts
August 31, 2020
Email service provider Sendgrid is grappling with an unusually large number of customer accounts whose passwords have been cracked, sold to spammers, and abused for sending phishing and email malware attacks. Sendgrid’s parent company Twilio says it is working on a plan to require multi-factor authentication for all of its customers, but that solution may not come fast enough for organizations having trouble dealing with the fallout in the meantime. Read more >>>
5 Cyber Security Risks and Issues You'd Be a Fool to Ignore
August 31, 2020
Every single day, over 350,000 pieces of new malware are detected. Competing with this is difficult but staying on top of cyber security risks is vital for your business. A data breach can cost a fortune and if you are attacked, you could lose days, weeks, or even months of work. Could your business survive this? Read more >>>
DarkSide Ransomware hits North American real estate developer
August 26, 2020
North American land developer and homebuilder Brookfield Residential is the first victim of the new DarkSide Ransomware. DarkSide will breach a network and spread laterally between devices while stealing unencrypted data. Upon gaining access to a Windows domain controller, the threat actors deploy ransomware throughout the network. As part of their extortion strategy, DarkSide will create an entry for each victim whose data has been stolen on their data leak site. Read more >>>
World's largest cruise line operator Carnival hit by ransomware
August 19, 2020
Cruise line operator Carnival Corporation has disclosed that one of their brands was hit with a ransomware attack over the past weekend that accessed and encrypted a portion of one brand’s information technology systems. "The unauthorized access also included the download of certain of our data files," states the 8-K form filed with the SEC. WESTprotect recommendations for ransomware include educating staff on phishing and phishing lures, proactive patching, and ensuring anti-virus is up to date Read more >>>
The Dharma Ransomware-as-a-Service (RaaS) operation makes it easy for a wannabe cyber-criminal to get into the ransomware business by offering a toolkit that does almost everything for them. A RaaS operation is a cybercrime model where the developers are in charge of managing the ransomware development and ransom payment system. At the same time, affiliates are responsible for compromising victims and deploying the ransomware. Read more >>>
