Welcome to the latest edition of the Neu Cyber Threats, a weekly series in which we bring attention to the latest cyber attacks, scams, frauds, malware including Ransomware and DDoS, in order to ensure you stay safe online.

Here are the most prominent threats which you should be aware of:

 

Optus

Hacker releases personal customer records after demanding $1.5million

Telecommunication giant Optus has been hit with a catastrophic data leak that has put up to 10 million people at risk. The hacker has stolen customers’ personal data, which includes driving licence details, passport details and Medicare numbers. Customers were then faced with a message demanding $2000 to be sent to the hacker’s bank account under the name Optusdata to erase their details before they were released and exploited.  

On Tuesday, Victor Dominello confirmed that the government will replace licenses free of charge that may have been used in the data leak. As a result of the data breach, Optus has been slammed by the Australian Cyber Security Minister for having weak cyber security and doesn’t believe that Optus’ claims that this was a sophisticated attack, it has been said to have been an extremely basic hack and that Optus ay as well of left the door open. In the meantime, the hacker issued an apology to Optus and the public, claiming they had a change of heart, dropped the ransom, and deleted the data which was obtained. 

Zero-day bug threatens WhatsApp security enabling hackers to control the app remotely

WhatsApp has silently fixed two known zero-day vulnerabilities that could have given hackers the ability to remotely execute arbitrary code on both Android and iOS devices. This is even more concerning as WhatsApp is heavily focused on privacy and therefore used by over a billion people worldwide. 

The two zero-day vulnerabilities are: 

CVE-2022-36934: Integer Overflow Bug 

CVE-2022-27492: Integer Underflow Bug 

When discovered by WhatsApp’s internal team, these vulnerabilities were marked as CRITICAL, with a score of 10/10. These vulnerabilities could have enabled a threat actor to spread malware, steal sensitive data, watch over the users’ activities, or hack the entire device. Users are advised to update their WhatsApp messenger to the latest version because of the vulnerabilities. 

Poor password protection leads to loss of millions of pounds from personal accounts

The leading provider of zero-trust and zero-knowledge cyber security software, Keeper Security, has surveyed thousands of Brits online to discover their password security secrets. The survey unveiled that half of the people taking part had been hacked at least once previously. 

The survey uncovered the shocking amount of sensitive information stolen and millions of pounds taken from digital wallets and accounts as a result of poor password protection. Revealing the average cost of a cyber attack for an individual is £295. Furthermore, when asked what they would rather do than be hacked, these were the results: 

23% would rather not have access to TV for a week 

22% would rather be stood up on a date 

And 12% would rather have a root canal 

With 49% of brits using the same password across multiple sites and apps, therefore, once a hacker cracks one password, they have access across all apps and data, causing widespread disruption. This highlights the importance of password security and protection and why cyber security software is something everyone should be using. 

To read the full report, click the link:  https://www.keepersecurity.com/uk-password-practices-report/ 

If you are concerned about any cyber security issues within your business, contact us today on 01283 753 333 or email hello@neuways.com.