A month after their $1M settlement with New York, First American Title suffers a crippling cybersecurity attack

The Title insurance giant just completed a $1 million settlement with DFS of New York over a 2019 cybersecurity breach affecting customer data.

First American Title is providing updates here: https://www.firstamupdate.com/

Related articles:

https://therecord.media/first-american-title-insurance-cyberattack-real-state-industry

First American is the latest cybersecurity attack victim

Zero-Day in Progress MOVEit file transfer software allows SQL Injection attack to gain access, create files, and data exfiltration

There are ~2,500 MOVEit servers available on the internet as of 6/1/2023. This is still developing. There are plenty of sources out there and it looks like these attacks started as resent as 5/27/2023.

https://www.huntress.com/blog/moveit-transfer-critical-vulnerability-rapid-response

https://www.bleepingcomputer.com/news/security/new-moveit-transfer-zero-day-mass-exploited-in-data-theft-attacks/

https://www.trustedsec.com/blog/critical-vulnerability-in-progress-moveit-transfer-technical-analysis-and-recommendations/

PSIRT Advisory: Patch FortiOS SSL-VPN ASAP

https://www.fortiguard.com/psirt/FG-IR-22-398

New York Post Twitter account is “hacked”: Careful what you click(ed) on

Atlassian discloses critical zero-day RCE vulnerability in Confluence (CVE-2022-26134) that is actively being exploited and fixes next day. Patch now!

https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html

https://www.bleepingcomputer.com/news/security/atlassian-fixes-confluence-zero-day-widely-exploited-in-attacks/

MSDT RCE vulnerability is actively being exploited in the wild. CISA advises admins to disable the MSDT protocol

https://www.bleepingcomputer.com/news/security/windows-msdt-zero-day-now-exploited-by-chinese-apt-hackers/

Patch F5 BIG-IP immediately says researchers that were able to easily create exploit code

https://www.bleepingcomputer.com/news/security/exploits-created-for-critical-f5-big-ip-flaw-install-patch-immediately/

Just in time for the weekend: Xbox is down

https://www.bleepingcomputer.com/news/technology/xbox-is-down-worldwide-with-users-unable-to-play-games/

https://support.xbox.com/en-GB/xbox-live-status

Atlassian discloses authentication by pass in Jira/Jira Service Management

https://confluence.atlassian.com/jira/jira-security-advisory-2022-04-20-1115127899.html

Updated Statement by Okta CSO on Twitter posts of a security incident.

https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/