The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) published a joint advisory providing details about the BlackMatter ransomware operations and defense recommendations. The advisory includes tactics, techniques, and procedures (TTPs) the group uses and detailed analysis on the variant.
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
The FBI warned the US public that threat actors actively use fake and spoofed unemployment benefit websites to harvest sensitive financial and personal information from unsuspecting victims. Sites used in these attacks are designed to closely resemble official government platforms to trick the targets into giving away their info, infecting them with malware, and claiming unemployment benefits on their behalf.
While previously reported phishing campaigns have often involved threat actors impersonating high-ranking employees, such as CEOs and CFOs, a new study by Avanan researchers found that half of all phishing emails they analyzed impersonated non-executives. 77% of those emails targeted employees on the same level as the impersonated employee.
Cloudstar still has no “definitive restoration timeline” for its cloud-hosting systems that were taken out by a ransomware attack on July 16. It also said “it is too early to speculate about what data may have been impacted” or information breached, according to a July 19 post on its website. The company hired third-party forensics experts Tetra Defense to help in recovery efforts and contacted law enforcement. “Negotiations with the threat actor are ongoing,” the company posted.
Google security researchers shared more information on four security vulnerabilities, also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year. The four security flaws were found by Google Threat Analysis Group (TAG) and Google Project Zero researchers after spotting exploits abusing zero-day in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple's Safari web browser.