Ransomware has arrived in the title and escrow industry in a big way. One of the title industry’s main cloud-hosting providers (Cloudstar) has been sidelined by a ransomware attack, the company confirmed in an email to The Title Report.
Cyber News
Cyber threats are evolving every day, keeping up with them is a full-time job. The WESTprotect Cyber News is your source for how these changes affect you in the real estate, title, mortgage, and settlement services industry. From cyber threats to new Tactics, Techniques, and Procedures (TTP’s) we’ve got you covered.
Google has released Chrome 91.0.4472.164 for Windows, Mac, and Linux to fix seven security vulnerabilities, one of them a high severity zero-day vulnerability exploited in the wild. "Google is aware of reports that an exploit for CVE-2021-30563 exists in the wild," the company revealed. The new Chrome release has started rolling out worldwide to the Stable desktop channel and will become available to all users over the following days.
Google security researchers shared more information on four security vulnerabilities, also known as zero-days, unknown before they discovered them being exploited in the wild earlier this year. The four security flaws were found by Google Threat Analysis Group (TAG) and Google Project Zero researchers after spotting exploits abusing zero-day in Google Chrome, Internet Explorer, and WebKit, the engine used by Apple's Safari web browser.
Microsoft has released the KB5004945 emergency security update to address the actively exploited CVE-2021-34527 Zero-day vulnerability, aka PrintNightmare. A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges.
The Federal Bureau of Investigation (FBI) warned private sector companies of scammers impersonating construction companies in business email compromise (BEC) attacks targeting organizations from multiple US critical infrastructure sectors. BEC scammers use various tactics (including social engineering and phishing) to compromise or impersonate business email accounts with the end goal of redirecting pending or future payments to bank accounts under their control.
The US Department of Justice (DOJ) has announced today that a multinational operation took down Slillpp, the largest online marketplace of stolen login credentials. Law enforcement agencies from the United States, Germany, the Netherlands, and Romania seized servers used to host Slilpp's marketplace infrastructure and its domain names. The marketplace's websites are now replaced with a seizure banner on the clear web and displaying an invalid onionsite address error on the dark web.