Fifteen out of 28 desktop PDF viewer applications are vulnerable to a new attack that lets malicious threat actors modify the content of digitally signed PDF documents. The list of vulnerable applications includes Adobe Acrobat Pro, Adobe Acrobat Reader, Perfect PDF, Foxit Reader, PDFelement, and others, according to new research [PDF] published this week by academics from the Ruhr-University Bochum in Germany.
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Employee mistakes are having a potentially dire impact on enterprise cybersecurity, with 43% of workers admitting to making an error that had a negative impact on corporate digital security. This is according to The Psychology of Human Error, a report published today by email security company Tessian, which surveyed 2,000 employees in the US and the UK in April.
Cybercriminals are abusing cloud services, such as Google Cloud Services, to arrange a phishing campaign aimed at stealing Office 365 logins. Check Point reports attackers relied on Google Drive to host a malicious PDF document and Google’s "storage[.]googleapis[.]com" to host the phishing page. The page is designed to trick victims into providing their Office 365 logins or organization e-mail. WESTptotect recommendations include educating staff on phishing and not clicking on unknown links.
Businesses worldwide have seen a jump in cyber-attacks with most reporting an increase in COVID-19 related malware. The COVID-19 outbreak also unveiled gaps in business recovery planning. These gaps are reported as slight to severe in 89% of cases in the country, and another 86% uncovered gaps in their IT operations because of the pandemic. Additionally, 85% identified problems due to a remote workforce and 73.5% had issues related to the visibility of cybersecurity threats.
It's estimated around one billion online records have been exposed in a massive data breach, potentially affecting more than 20 million users of free Virtual Private Network (VPN) apps. vpnMentor cybersecurity researchers claim they found an unsecured server shared by several VPNs - software designed to protect users' privacy by hiding their identities.