Categories
Ace Breaking News

BREAKING UPDATES RELEASED: Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely on Android & iOS

This is our daily post that is shared across Twitter & Telegram and published first on here with Kindness & Love XX on peace-truth.com/

#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 29, 2022 @acebreakingnews

Ace News Room Cutting Floor 29/09/2022

Follow Our Breaking & Daily News Here As It Happens:

#AceBreakingNews – WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices.

HACKERS NEWS REPORT

One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call.

The issue impacts WhatsApp and WhatsApp Business for Android and iOS prior to version 2.22.16.12.

Also patched by the Meta-owned messaging platform is an integer underflow bug, which refers to an opposite category of errors that occur when the result of an operation is too small for storing the value within the allocated memory space.

The high-severity issue, given the CVE identifier CVE-2022-27492 (CVSS score: 7.8), affects WhatsApp for Android prior to versions 2.22.16.2 and WhatsApp for iOS version 2.22.15.9, and could be triggered upon receiving a specially crafted video file.

Exploiting integer overflows and underflows is a stepping stone towards inducing undesirable behavior, causing unexpected crashes, memory corruption, and code execution.

WhatsApp did not share more specifics on the vulnerabilities, but cybersecurity firm Malwarebytes said that they reside in two components called Video Call Handler and Video File Handler, which could permit an attacker to seize control of the app.

Vulnerabilities on WhatsApp can be a lucrative attack vector for threat actors looking to plant malicious software on compromised devices. In 2019, an audio calling flaw was exploited by the Israeli spyware maker NSO Group to inject the Pegasus spyware.

#AceNewsDesk report ………..Published: Sept.29:  2022:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com


BREAKING APT REPORT: Hackers Using PowerPoint Mouseover Trick to Infect System with Malware


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 29, 2022 @acebreakingnews

Ace News Room Cutting Floor 29/09/2022


#AceBreakingNews – The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware.

HACKER NEWS REPORT

The technique “is designed to be triggered when the user starts the presentation mode and moves the mouse,” cybersecurity firm Cluster25 said in a technical report. “The code execution runs a PowerShell script that downloads and executes a dropper from OneDrive.”

The dropper, a seemingly harmless image file, functions as a pathway for a follow-on payload, a variant of a malware known as Graphite, which uses the Microsoft Graph API and OneDrive for command-and-control (C2) communications for retrieving additional payloads.

The attack employs a lure document that makes use of a template potentially linked to the Organisation for Economic Co-operation and Development (OECD), a Paris-based intergovernmental entity.


Cluster25 noted the attacks may be ongoing, considering that the URLs used in the attacks appeared active in August and September, although the hackers had previously laid the groundwork for the campaign between January and February.

Potential targets of the operation likely include entities and individuals operating in the defense and government sectors of Europe and Eastern Europe, the company added, citing an analysis of geopolitical objectives and the gathered artifacts.

This is not the first time the adversarial collective has deployed Graphite. In January 2022, Trellix disclosed a similar attack chain that exploited the MSHTML remote code execution vulnerability (CVE-2021-40444) to drop the backdoor.

The development is a sign that APT28 (aka Fancy Bear) continues to hone its technical tradecraft and evolve its methods for maximum impact as exploitation routes once deemed viable (e.g., macros) cease to be profitable.

#AceNewsDesk report ………..Published: Sept.29:  2022:


FEATURED: Windows 11 pulls ahead of Windows 10 in anti-phishing stakes


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 28, 2022 @acenewsservices

Ace News Room Cutting Floor 28/09/2022


#AceNewsDesk – Some new security additions and changes have been announced for users of Windows, but you’ll have to be using Windows 11 to get the most out of them. Windows 10 users may find that this is going to be a case of falling behind the herd ever so slightly, according to Malwarebytes (September 26, 2022).


Anti-phishing tools

Enhanced phishing protection, by way of Smartscreen, is the name of the game, and Microsoft is all too happy to explain the changes. Smartscreen is a Windows feature which helps ward off bogus sites phishing for personal data and payment information. People running IE8 and later will also find it attempts to protect against infectious files. It offers slightly different features depending on which flavour of Microsoft browser you’re using, but the overall end result is largely the same: A variety of protections against phishing portals.

In terms of features for Windows 11, enhanced phishing protection “automatically detects when users type their password into any app or site”. Windows knows “in real time” whether websites and apps have secure connections to trusted websites, notifying users of potential danger up ahead and also spreading word to other users when a phishing attack is blocked.

There is also mention of Windows analysing when and where password entry occurs, notifying users of potentially unsafe usage. This sounds a lot like how many password managers operate, popping a notification when (for example) password reuse is detected. One key difference here is that using passwords in an unsafe way is “reported to IT” for incident tracking purposes.

Friendly popups

There are some interesting additions to the user experience. Typing a password into a phishing site in a Chromium browser, or an application connecting to a phishing portal, presents the user with a popup which says:

This app made an unsafe connection that was reported to Microsoft for stealing passwords. Your organisation recommends changing your work or school password to keep your account safe.

Clicking the change password button takes users to sign-in options where they can alter the password as needed. Microsoft says that without this feature, credentials may be handed over to the fake site. On the other hand, popups that lead people from dangerous sites to password amendment options may encourage malicious imitations that trick unwary users. However, two sets of popups might increase the chances of something untoward being noticed, but the history of UX is littered with intolerant users blazing through that sort of thing.

Elsewhere, Windows will notify users who are typing passwords into notepad files and other programs that this is bad practice. As per the relevant popup:

It’s unsafe to store your password in this app. Your organisation considers it unsafe to store your password in this app and recommends removing your password from this file.

We’re not here today to discuss the merits and drawbacks of off-the-beaten-track password systems. However, it’s worth noting that this detection of typed passwords is raising some eyebrows:

The advice is good but it should come from a human, not the OS. How long has Windows been reading what I paste into Notepad? #privacy #security https://t.co/7iZNWDpzG7 — m (@tinymwriter), September 23, 2022

Windows 11, but not 10

Finally, we come to the part where our two operating system paths diverge.

Custom-made phishing alerts are available to Windows 11 users, but not to users of Windows 10. Organisations can configure Enhanced Phishing Protection to warn users about password reuse, unsafe apps, and malicious activity, and can switch the feature’s audit mode on and off, which determines whether it sends telemetry about unsafe password events.

It’s to be expected that Windows 11 will eventually pull away from 10 in the security frontrunner stakes. Although adoption was low at the tail end of 2021, numbers will slowly ramp up over time as the Windows 10 end-of-life approaches, and organisations catch up with the stringent hardware requirements.

Only a few months back, we saw Microsoft tackling RDP intrusion with rate limiting for login attempts. We also now have upgrades to kernel protection, more support for hybrid work operations, and new default limits for SMB server authentication. It’s inevitable that we’ll continue to see this happening, and so the gulf will widen between the OS siblings.

No matter which version you’re running, ensure you keep your OS fully up-to-date and enable the security options most relevant to you. There’s enough choice available to hopefully configure your devices the exact way you need them to be running at any given time.

Stay safe out there!

#AceNewsDesk report ………..Published: Sept.28: 2022:


FEATURED AUSTRALIA: BREAKING OPTUS REPORT: What We Know & What You Can Do & Where You Can Get Help


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 25, 2022 @acenewsservices

Ace News Room Cutting Floor 25/09/2022


#AceBreakingNews – What’s happening with the Optus data breach? What we know about the alleged hacker’s ransom, data release and apology

The fallout from last week’s cyber attack on telecommunications giant Optus, which exposed the details of current and former customers, is continuing.

The alleged cyber attacker posted a series of messages online in the wake of the cyber attack. (AAP: Dan Peled)

The leaked information includes dates of birth, names, phone numbers and, in some cases, addresses and drivers licence numbers.

Nearly a week after the attack, we’re still trying to get a clear picture of what happened and what it means for affected people. 

Here’s the latest.

Why am I hearing about a hacker making ransom demands?

You might have seen this screenshot from BreachForums floating around — it was being shared on social media this morning:

A screenshot of a post on a forum from an account claiming to have the data accessed in the Optus cyber attack. People are being urged not to click any links in the post. (ABC News)

It features a threat from someone claiming to have the data asking for a ransom of $US1 million ($1.5 million) on Saturday.

The user claims to be selling the data, which includes email addresses, dates of birth, first and last names, phone numbers, drivers’ licence and passport numbers.

The red writing underneath shows the supposed hackers threatening to release 10,000 records for every day the ransom is not paid within a week.

The user claimed 10,000 records were published this morning, but people were warned not to click any links in the post. 

Some cyber security experts believe the account is legitimate, but it has not been confirmed by Optus or the Australian Federal Police (AFP).

The ABC has contacted both for a response.

Guardian Australia tech reporter Josh Taylor said he’d seen some of the released files and they looked legitimate. 

“It’s got names, date of births, email addresses, postal addresses, phone numbers, Medicare card numbers, passport numbers, drivers licence numbers — it’s got everything,” he said.

“These are what is used in the 100 points of documentation you need to prove your identity with a lot of corporations.”

A few hours later, the user appeared to have apologised:

The user said it was a “mistake to scrape publish data in first place” in a post on the forum. (ABC News)

Here’s the full text of that post:

“Too many eyes. We will not sale data to anyone. We cant if we even want to: personally deleted data from drive (Only copy)

“Sorry too 10.200 Australian whos data was leaked.

“Australia will see no gain in fraud, this can be monitored. Maybe for 10.200 Australian but rest of population no. Very sorry to you.

“Deepest apology to Optus for this. Hope all goes well from this

“Optus if your reading we would have reported exploit if you had method to contact. No security mail, no bug bountys, no way too message.

“Ransom not payed but we dont care any more. Was mistake to scrape publish data in first place.”

What does the Optus CEO say?

The ABC’s Peter Ryan spoke to Optus boss Kelly Bayer Rosmarin about a ransom demand this morning. 

She said she couldn’t say much because of the Australian Federal Police investigation, but confirmed the company was aware of the post:

“We have seen that there is a post like that on the dark web and the Australian Federal Police is all over that,” she said.

Here’s what an AFP spokesperson said about the alleged ransom on Saturday:

“The AFP is aware of reports alleging stolen Optus customer data and credentials may be being sold through a number of forums, including the dark web.

“The AFP is using specialist capability to monitor the dark web and other technologies and will not hesitate to take action against those who are breaking the law.”

How will I know if my ID numbers have been stolen?

You should have received an email or text from Optus by now. 

Here’s an update from Optus yesterday morning:

“Optus has now sent email or SMS messages to all customers whose ID document numbers, such as licence or passport number, were compromised because of the cyber attack.”

What does the Optus email look like?

Here’s a screenshot of an email sent to a customer earlier this week:

Optus says there won’t be any links in the messages it sends about the breach. (ABC News)

If I haven’t got an email yet, am I in the clear?

Not necessarily. 

As of yesterday morning, Optus said it was still in the process of contacting people whose other details, such as email address, have been illegally accessed. 

Optus says its official emails and text messages will not have hyperlinks in them.

If you receive an email or text that looks like it’s from Optus and it has a link, do not click that link — it could be a scam. 

Who can I call for help?

The Office of the Australian Information Commissioner (OAIC) says anyone who thinks they’re involved should contact Optus at the first instance.

The office said to try the Optus website first before calling the company on 133 937.

The OAIC has more details on steps you can take on its website.

What is Optus doing to help affected people?

It’s offering “the most affected current and former customers” a free 12-month subscription to credit monitoring and identity protection service Equifax Protect.

“The most affected customers will be receiving direct communications from Optus over the coming days on how to start their subscription at no cost,” the company said yesterday. 

What else can customers do?

IDCare, a not-for-profit charity which describes itself as Australia’s national identity and cyber support service, has put out a fact sheet on the breach with advice for victims. However, it says people should consider their personal circumstances.

It recommends the following precautionary proactive responses:

  • Remain vigilant about scams and unsolicited calls, emails and text messages: Look out for any suspicious or unexpected activity across your online accounts and report it to your provider if you see something that doesn’t look right
  • Wherever possible, ensure any accounts you have in place are protected with multi-factor authentication
  • Check your free credit reports with Equifax, illion and Experian: IDCare says credit reports allow you to check to see if someone tried to obtain credit in your name. It recommends going through each of the three agencies to ensure nothing’s missed and make sure you’re using a device with updated anti-virus protection if you’re doing this over email. However, IDCare says that, if an ID theft event has only just happened, it’s recommended you wait a week before applying for the credit report
  • Apply for a credit ban: IDCare says this means that credit reporting agencies can’t disclose any personal information from your consumer credit file to any credit providers unless they have written consent or are required to do so by law. Again, IDCare recommends going through all three agencies.

Here’s where you can go to request a credit history:

And here’s where you can request a credit ban:

State governments on Tuesday addressed concerns over leaked drivers licence details, with Queensland, Victoria and New South Wales saying they will work to support those affected who wish to replace their licences.

And, while you’re thinking of cyber security, it might be an idea to head to the HaveIBeenPwned website and check to see if your mobile number and email address have appeared in recorded data breaches. 

It’s a free site run by Troy Hunt, an Australian cybersecurity expert who keeps a database of known leaked data.

#AceNewsDesk report ………..Published: Sept.25: 2022:


FEATURED FTC REPORT: Did you get an email saying your personal info is for sale on the dark web telling you they have your private data


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 25, 2022 @acenewsservices

Ace News Room Cutting Floor 25/09/2022


#AceNewsDesk – People are telling us they’ve gotten emails warning that their sensitive personal information is being sold in the shadowy marketplaces of the dark web.


Some emails list the stolen information, like all or part of the person’s Social Security number, date of birth, and driver’s license number. If you’ve got one of these emails, take steps to help protect yourself against financial loss from identity theft.

Don’t click a link or use a phone number in the message. It could be a “phishing” email, designed to trick you into disclosing sensitive information to scammers. If you think the message is legit — for example, if you have a credit monitoring service or a credit card with a company that monitors the dark web — contact the company using a website or phone number that you know is real.

Change your passwords to secure your accounts. Start by changing the passwords on your email accounts. Email accounts often are the weak link in online security because password resets for other accounts go to your email. If your email account password has become known, then an identity thief can log into your account and intercept your password reset emails.

  • Pro tip: When setting up new passwords, consider using a password manager. Free ones are built into most browsers and will automatically create passwords that are hard to guess. Be sure to use different passwords for each account and, if the account offers multifactor authentication, use it for added security.

Check your credit reports. After securing your accounts, make sure nobody has opened new accounts using your information. Visit AnnualCreditReport.com to get an annual free credit report from each of the three nationwide credit bureaus, Equifax, Experian, and TransUnion. Through December 2023, you can get a free credit report every week from each of them at the website. If you find an account or transaction you don’t recognize, visit IdentityTheft.gov to report the identity theft and get a personal recovery plan.

Consider freezing your credit. A credit freeze, also known as a security freeze, is free to place and remove and is the best way to protect against an identity thief opening new accounts in your name. Alternatively, place a free fraud alert on your credit to make it more difficult for an identity thief to get new credit in your name. 

Visit IdentityTheft.gov/databreach for more steps to take, depending on what information was exposed. And, if you get one of these emails, please tell us at ReportFraud.ftc.gov.

#AceNewsDesk report ………..Published: Sept.25: 2022:


BREAKING AFP OPTUS REPORT: Monitor the dark web & internet forums after reports that stolen data may be being sold online.


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 24, 2022 @acebreakingnews

Ace News Room Cutting Floor 24/09/2022


#AceBreakingNews – The Australian Federal Police are monitoring the dark web and internet forums after reports stolen Optus data may be being sold online.

The Optus CEO said she was aware of reports the stolen data was allegedly being sold online. (Unsplash: Jay Wennington)

One post on the website BreachForums claims to be selling the data, which includes email addresses, dates of birth, first and last names, phone numbers, driver’s licenses, and passport numbers.

The dataset referred to has not been confirmed or verified by Optus, the police, or intelligence agencies, but some numbers have been verified by journalists.

“The AFP is aware of reports alleging stolen Optus customer data and credentials may be being sold through a number of forums, including the dark web,” a police spokesperson told the ABC.

“The AFP is using specialist capability to monitor the dark web and other technologies and will not hesitate to take action against those who are breaking the law.”


Co-founder of cybersecurity firm Internet2.0, Robert Potter, who has advised US and Australian governments on cyber attacks, said the data was authentic.

“I’m comfortable saying the data is authentic information and an amount of it include email addresses not previously seen in other breaches,” Mr Potter told the ABC.

“Some of the data is still encrypted. Optus should confirm if it is from their systems.”

It is an offence to buy stolen credentials online with a penalty of up to 10 years’ imprisonment.

During a media briefing on Friday, Optus chief executive Kelly Bayer Rosmarin said the company was aware of reports Optus data was allegedly being sold online.

“One of the challenges when you go public with this sort of information is you can have lots of people claiming lots of things,” Ms Bayer Rosmarin said.

“There is nothing that has been validated and for sale that we are aware of, but the teams are looking into every possibility.”

On Saturday, Optus was not willing to comment on the post citing advice from police.

“We are coordinating with the AFP because this is now a criminal investigation,” the spokesperson said.

“Given the investigation, Optus will not comment on the legitimacy of customer data claimed to be held by third parties and urges all customers to exercise caution in their online transactions and dealings.

“Once again, we apologise.”

Optus continues to contact customers implicated in attack

Some cyber experts are urging caution around reports of data being sold online, warning it could be an attempt to capitalise on media attention.

Optus is continuing to contact all customers implicated in the cyber-attack.

“We will begin with customers whose ID document number may have been compromised, all of whom will be notified by today,” the spokesperson said.

Optus has also advised customers to be very vigilant online and to be careful of scams.

“If customers receive an email or SMS with a link claiming to be from Optus, they are advised that this is not a communication from Optus. Please do not click on any links,” the spokesperson said.

“We have been advised that our announcement of the attack is likely to trigger a number of claims and scams from criminals.”

#AceNewsDesk report ………..Published: Sept.24: 2022:


BREAKING AUSTRALIA: WATCH OPTUS BREACH REPORT: Change YOUR Passwords NOW even though they deny they were not Breached – Be Safe & Sound – NOW


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 23, 2022 @acebreakingnews

Ace News Room Cutting Floor 23/09/2022


#AceBreakingNews – Optus says it has been hit by a cyber attack that has compromised customer information: The ACSC website has step-by-step guides on how to apply these tips on Apple, Android, and Windows devices.


Optus has been hit by a cyber attack that has compromised customer information, the telecommunications company says in a statement.

Information that may have been exposed includes customers’ names, dates of birth, phone numbers and email addresses, Optus says. 

For some customers, addresses and ID document numbers such as driver’s licence or passport numbers have been exposed. 

The breach involves both current and former customers, Optus CEO Kelly Bayer Rosmarin told the ABC.

“It’s just too early for us to give specific numbers. It is a significant number and we want to be absolutely sure when we come out and say how many [customers have been affected].” 

The company says it has shut down the attack, notified the Australian Federal Police, and is working with the Australian Cyber Security Centre on the issue. 

“We are devastated to discover that we have been subject to a cyber attack that has resulted in the disclosure of our customers’ personal information to someone who shouldn’t see it,” Ms Bayer Rosmarin said in a statement.

Optus says it does not know if anyone has suffered any harm as a result of the breach, but it has encouraged customers to have “heightened awareness” across their accounts.

“Including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious,” Ms Bayer Rosmarin said.

Payment details and account passwords have not been compromised, Optus said.

Minister for Cyber Security Clare O’Neil said the Australian Cyber Security Centre was aware of the breach and was providing advice and technical assistance.

The Australian cyber security organisations have seen broad targeting of Australians and Australian organisations by state actors and cybercriminals seeking to steal sensitive data.

Optus said it has notified the Australian Federal Police, the Office of the Australian Information Commissioner and other regulators.

“I can’t go into the details of the work, but we have a very committed cyber team who is doing everything they can to identify the scope and scale of what information has been accessed,” Ms Bayer Rosmarin told the ABC.

Affected account holders should be notified soon, Ms Bayer Rosmarin said, adding that customers could take specific actions to ensure their own cyber security. 

“Passwords weren’t compromised. So the main action for everybody is to just have an increased vigilance, so that we can spot if this data is being used early and prevent it being used for more customers,” she said.

What we know about the Optus cyber attack, and how to strengthen your online security

Optus says its mobile and home internet services have not been affected. (Pexel: Amina Filkins)

Both current and former Optus customers may have potentially been involved in a data breach as a result of a cyber attack on the telecommunications company.

Optus says it noticed “unusual activity” yesterday afternoon and is now working with the Australian Cyber Security Centre and the Australian Federal Police. 

Here’s what we know about the attack, and how you can boost your online security. 

Which type of data may have been exposed?

Optus says the type of information which may have been exposed includes:

  • Customers’ names
  • Dates of birth
  • Phone numbers
  • Email addresses

For a subset of customers:

  • Addresses
  • ID document numbers such as driver’s licence or passport numbers

Optus says payment details and account passwords have not been compromised. I bet they haven’t.

Additionally, Optus services, including mobile and home internet, are not affected, and messages and voice calls have not been compromised.

The company says Optus services remain safe to use and operate as per normal.

Who has been impacted by the cyber attack?

Optus CEO Kelly Bayer Rosmarin says both current and former customers may have potentially been affected by the cyber attack.

Ms Rosmarin says the amount of people affected is “significant” but stopped short of revealing a specific number, saying it’s still too early.

“We want to be absolutely sure when we come out and say how many,” she told ABC’s Afternoon Briefing.

“We’re so deeply disappointed because we spend so much time and we invest so much in preventing this from occurring.

“Our teams have thwarted a lot of attacks in the past and we’re very sorry that this one was successful.”

How can I strengthen my cyber security?

While Optus says they’re “not aware of customers having suffered any harm,” the company is encouraging people to have “heightened awareness across their accounts, including looking out for unusual or fraudulent activity and any notifications which seem odd or suspicious.”

CHANGE PROVIDERS IMMEDIATELY

Optus have recommended looking to reputable sources, such as the government’s Money Smart platform and the Identity Fraud page on the Office of Australian Information Commissioner website.

For customers believed to have heightened risk, Optus says it will undertake “proactive personal notifications” and offer “expert third-party monitoring services.”

Cyber Security Minister Clare O’Neil says all Australians need to strengthen their cyber defences to help protect themselves.

The Australian Cyber Security Centre (ACSC) recommends:

  • Updating your devices to protect important information
  • Protecting your accounts with multi-factor authentication
  • Backing up data regularly to the cloud or an external hard drive

The ACSC website has step-by-step guides on how to apply these tips on Apple, Android, and Windows devices.

#AceNewsDesk report ………..Published: Sept.23: 2022:

Editor says …Sterling Publishing & Media Service Agency is not responsible for the content of external site or from any reports, posts or links, and can also be found here on Telegram: https://t.me/acenewsdaily and all wordpress and live posts and links here: https://acenewsroom.wordpress.com/ and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com


BREAKING SECURITY: Decryptor for Ransomware LockerGoga By Bitdefender in Collaboration with Europol


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 20. 2022 @acebreakingnews

Ace News Room Cutting Floor 20/09/2022


#AceBreakingNews – A decryptor for the LockerGoga ransomware has been made available by Romanian cybersecurity firm Bitdefender in collaboration with Europol, the No More Ransom project, and Zürich law enforcement authorities.

HACKERS NEWS REPORT

Identified in January 2019, LockerGoga drew headlines for its attacks against the Norwegian aluminum giant Norsk Hydro. It’s said to have infected more than 1,800 victims in 71 countries, causing an estimated $104 million in damages.

The ransomware operation received a significant blow in October 2021 when 12 people in connection with the group, alongside MegaCortex and Dharma, were apprehended as part of an international law enforcement effort.


The arrests, which took place in Ukraine and Switzerland, also saw the seizure of cash worth $52,000, five luxury vehicles, and a number of electronic devices. One of the accused is currently in pretrial detention in Zurich.

The Zurich Cantonal Police further said it spent the past months examining the data storage devices confiscated from the individual during the 2021 arrests and identified numerous private keys that were used to lock the data.

A decryption utility for MegaCortex is also expected to be published in the coming months. Victimized parties are also recommended to file a criminal complaint in their respective home countries.

“These keys enable the aggrieved companies and institutions to recover the data that was previously encrypted with the malware LockerGoga or MegaCortex,” the agency said.

As recommendations, the police department is urging organizations to securely handle emails, block suspicious email attachments, create regular backups, enforce two-factor authentication, and keep IT systems up-to-date.


BREAKING BRUSSELS: EU Proposes Rules Targeting Cybersecurity Risks on Smart Devices After Scamming Business Increases


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 20. 2022 @acebreakingnews

Ace News Room Cutting Floor 20/09/2022


#AceBreakingNews – BRUSSELS, Sept 15 (Reuters) – From laptops to fridges to mobile apps, smart devices connected to the internet will have to be assessed for their cybersecurity risks under draft European Union rules announced on Thursday, amid concerns about a spate of cyber attacks.

Companies face fines of as much as 15 million euros ($15 million) or up to 2.5% of their total global turnover if they fail to comply with the European Commission’s proposed law known as the Cyber Resilience Act, which will require manufacturers to fix any problems that are identified.

Companies could save as much as 290 billion euros annually in cyber incidents versus compliance costs of about 29 billion euros, the EU executive said.

A series of high-profile incidents of hackers damaging businesses and demanding huge ransoms in recent years have heightened concerns about vulnerabilities in operating systems, network equipment and software.

“It (the Act) will put the responsibility where it belongs, with those that place the products on the market,” EU digital chief Margrethe Vestager said in a statement.

Manufacturers will have to assess the cybersecurity risks of their products and take appropriate action to fix problems for a period of five years or during the expected lifetime of the product.

The companies will have to notify EU cybersecurity agency ENISA of any incidents within 24 hours of becoming aware of them, and take measures to resolve them.

Importers and distributors will have to verify that products conform with EU rules.

The Computer & Communications Industry Association (CCIA Europe) warned that the resulting red tape from the approval process could hamper the roll-out of new technologies and services in Europe.

“Instead the new rules should recognise globally-accepted standards and facilitate cooperation with trusted trade partners to avoid duplicate requirements,” Public Policy Director Alexandre Roure said.

If companies do not comply with the EU’s rules, national surveillance authorities can prohibit or restrict a product from being made available to their national markets.

The draft rules will need to be agreed with EU countries and EU lawmakers before they can become law.

Reporting by Foo Yun Chee; editing by Philip Blenkinsop and Elaine Hardcastle

#AceNewsDesk report ………..Published: Sept.20: 2022:


FEATURED: Cybersecurity Awareness Month 2022: Actionable Tips Courtesy of Trend Micro


#AceNewsRoom With ‘Kindness & Wisdom’ Sept, 20. 2022 @acenewsservices

Ace News Room Cutting Floor 20/09/2022


#AceNewsDesk – Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface, according to Trend Micro. Published: September 20, 2022

Another Cybersecurity Awareness Month is here. According to the National Cybersecurity Alliance (NCA) this is the eighteenth year we’ve marked the event. 18 years ago, we saw the launch of Facebook, Gmail, MySpace, Roblox, Google’s IPO, and the MyDoom virus. Fast forward to 2022, with attacks and vulnerabilities now on the front pages seemingly daily, cybersecurity is more critical than ever.

What is Cybersecurity Awareness Month?

Launched in 2004 under leadership from the U.S. Department of Homeland Security and the NCA, Cybersecurity Awareness Month aims to help Americans stay safe and secure online. Since then, the movement has grown exponentially—raising awareness amongst consumers, small and medium sized businesses (SMB), enterprises, and educational institutions.

Making Cybersecurity Awareness Month Meaningful

The overarching theme for 2022 is “See Yourself In Cyber” which focuses on four key behaviors – instead of weekly themes – centered around a risk-based approach. These behaviors are:

  • Enabling multi-factor authentication (MFA)
  • Using strong passwords and a password manager
  • Updating software
  • Recognizing and reporting phishing

This is certainly a great place to start, but businesses of all sizes should look to go above and beyond to improve their cybersecurity posture. Here are three additional actions that any organization can take to show improvement:

Decrease Your Unknown Attack Surface

Relying on your IT system management databases isn’t accurate enough. Know your network’s stuff: whether legitimate, shadow IT, or connected through VPNs, get a more accurate inventory. Attackers know that devices not managed and/or patched are the very best lateral paths.

Know that external attack surface management (EASM) and internal Cyber Asset Attack Surface Management (CAASM) are both needed to get the best picture. Visibility is the foundation of all other defense.


Decrease the Risk Assessment Time Gap Towards Continuous Assessment

Semi-annual penetration tests get a box checked and keep you out of compliance jail, but cybersecurity has moved to near-real time and so too must your assessment. Continuous monitoring has been an important goal, but we need to advance it to making continuous decisions based on that continuous monitoring.

Even events such as authenticating to use a VPN are too infrequent to make actionable judgements: in between those authentications there can be many indicators of compromise (IOC) that give a high enough assurance that you or your account/device/asset/data has moved from acceptable to unacceptable risk.

Continuous assessment means always looking for vulnerable or compromised elements and taking action. If my device is vulnerable, or my email account is spewing malware or the signs of having been phished there should be an immediate risk-based decision taken. Time is the friend of the attacker. Let’s be less friendly with them.

Increase Non-Standard Security Telemetry

The standard events we examine in security have not only gotten a bit stale, but attackers know them well enough to avoid being caught by them. That’s the whole basis for attacks that move laterally and through unconventional paths such as IoT and other things you likely don’t know are part of your attack surface.

Attackers know where the motion alarms are for standard security alerts and telemetry and avoid those. Alongside knowing your attack surface better, go and gather more new kinds of security-relevant telemetry.

Extended detection and response (XDR) and continuous assessment get smarter, faster, and more accurate when there is more data to assess beyond your parents’ firewall alerts. Telemetry regarding connections, rates of missed authentications, changes in application activity, DNS usage, system tools running in new places, never seen before pairings of privileges and the granting admin, unusual backups… there’s a data lake to fill with these. The more telemetry you have, the better you can combine it into more meaningful indicators that are less likely to be a false positive or false negative.
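The idea of combining several weak telemetry kinds into one indicator can be sketched as follows. This is an added example, not code from Trend Micro or the original post; the signal names, weights, window, threshold and sample events are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed weights: how much each weak signal contributes on its own.
# Signal names mirror the telemetry kinds listed above; values are assumptions.
WEIGHTS = {
    "missed_auth_burst": 0.3,
    "dns_rare_domain": 0.2,
    "tool_new_location": 0.4,
    "new_priv_grant_pair": 0.4,
    "unusual_backup": 0.3,
}
WINDOW = timedelta(minutes=30)
THRESHOLD = 0.8   # composite score needed to raise an indicator
MIN_KINDS = 2     # require corroboration from distinct telemetry kinds

# Constructed sample events: (ISO timestamp, asset, signal kind)
EVENTS = [
    ("2022-09-20T09:00:00", "ws-014", "missed_auth_burst"),
    ("2022-09-20T09:05:00", "ws-014", "missed_auth_burst"),
    ("2022-09-20T09:10:00", "ws-014", "missed_auth_burst"),
    ("2022-09-20T10:00:00", "srv-db2", "dns_rare_domain"),
    ("2022-09-20T10:07:00", "srv-db2", "tool_new_location"),
    ("2022-09-20T10:21:00", "srv-db2", "new_priv_grant_pair"),
    ("2022-09-20T14:00:00", "ws-031", "tool_new_location"),
    ("2022-09-20T16:30:00", "ws-031", "new_priv_grant_pair"),
]

def composite_indicators(events):
    """Return {asset: (score, kinds, window_end)} for assets whose distinct
    weak signals inside one sliding window add up past THRESHOLD."""
    by_asset = defaultdict(list)
    for ts, asset, kind in events:
        by_asset[asset].append((datetime.fromisoformat(ts), kind))
    alerts = {}
    for asset, rows in by_asset.items():
        rows.sort()
        for end_ts, _ in rows:
            # Each kind counts once per window, so a repeated noisy signal
            # cannot reach the threshold on its own.
            kinds = {k for t, k in rows if end_ts - WINDOW <= t <= end_ts}
            score = round(sum(WEIGHTS.get(k, 0.0) for k in kinds), 2)
            if len(kinds) >= MIN_KINDS and score >= THRESHOLD:
                alerts[asset] = (score, sorted(kinds), end_ts.isoformat())
                break  # report the first window that crosses the threshold
    return alerts

if __name__ == "__main__":
    for asset, (score, kinds, when) in composite_indicators(EVENTS).items():
        print(f"{when} {asset} score={score} signals={', '.join(kinds)}")
```

Only the asset with three different signal kinds inside one window is flagged; the repeated failed-authentication bursts and the two signals spaced hours apart are not.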

Choosing the Right Security Tools

Underscoring all of this is the fact you need the right security tools in place. While you may opt to diversify your security stack, don’t fall into the trap of deploying point products that don’t play nicely together. As I said, visibility is the foundation of all other defense – using siloed solutions will only give you bits and pieces of the entire picture.

You don’t need to rip and replace your entire stack – that’s costly and time-consuming. However, you can leverage a unified cybersecurity platform that brings together the telemetry from different security solutions into a single pane of glass. Beware, some vendors may try to sell you a suite of siloed solutions as a platform. A true platform is composed of integrated vendor solutions and allows broad third-party integrations.

As a bonus, look for a platform that’s backed by the capabilities I mentioned earlier like XDR, virtual patching, automation, continuous monitoring, and more to provide security across the attack surface – from users, to endpoints, to email, to clouds, to networks, etc.

So, let’s make Cybersecurity Awareness Month actionable and meaningful. And in the spirit of continuous assessment don’t wait until the next Cybersecurity Awareness Month to check and refine your progress.


#AceNewsDesk report ………..Published: Sept.20: 2022:
