Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Mobile Phishing, the Next Battleground
August 13, 2020
With the rising popularity of iOS and Android devices for everything from sending a client an SMS to attending a Zoom call, it was only a matter of time before cybercriminals seized the opportunity to target users through the least protected and most popular communication medium, mobile. Read more >>>
Hackers have increased their attacks against streaming companies, as research has shown that phishing URLs which include Netflix, HBO, YouTube, and Twitch has risen dramatically. Phishing is an attempt to steal sensitive information such as usernames, passwords, credit card numbers, bank account details and other personal data. Read more >>>
Samsung has started rolling out Android's August security updates to mobile devices to fix critical security vulnerabilities in the operating system. This week Android published their August 2020 security updates, which includes numerous security patches for critical vulnerabilities impacting the latest devices. Read more >>>
Hackers are abusing a new technique: combining homoglyph domains with favicons to conduct credit card skimming attacks. Sophisticated skimming attacks like Magecart have incorporated favicons before and impacted well-known companies like Claire's, Tupperware, Smith & Wesson, Macy's, and British Airways. Being mere images, favicons give off the impression they are innocuous. But attackers find ways to abuse the associated metadata within these files for sinister purposes. Read more >>>
Google on Monday announced the August 2020 security updates for the Android operating system, with patches for a total of more than 50 vulnerabilities. According to Google, the most serious flaw patched this month is a high-severity issue in the Framework component that can be exploited by a remote attacker to execute arbitrary code. WESTprotect recommends you apply the latest patches available immediately. Read more >>>
Hackers can abuse Microsoft Teams updater to install malware
August 6, 2020
Microsoft Teams can still double as a Living off the Land binary (LoLBin) and help attackers retrieve and execute malware from a remote location. Previous efforts from Microsoft to eliminate this hazard work to an extent but cannot stop attackers from abusing Teams to plant and run their payloads. A patch for the new method is unlikely to emerge. Read more >>>
