CSO
ACSC and CISA launch step-by-step business continuity instructions for SMBs
Business Continuity in a Box is a set of instructions to help businesses maintain communications and continuity of critical applications following a cyber incident.
Bleeping Computer
Australian govt warns of escalating LockBit ransomware attacks
The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.
Bleeping Computer
Australian govt raises alarm over Conti ransomware attacks
The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November.
DataBreaches
CISA Advisory: Preventing Web Application Access Control Abuse
Release Date: July 27, 2023 Alert Code: AA23-208A SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity...
Bleeping Computer
US and Australia warn of escalating Avaddon ransomware attacks
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide.
Bleeping Computer
Cybersecurity agencies reveal last year’s top malware strains
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released today a list of the most detected malware strains during last year in a joint advisory with the Australian Cyber Security Centre (ACSC).
Bleeping Computer
Sitecore XP RCE flaw patched last month now actively exploited
The Australian Cyber Security Center (ACSC) is alerting web admins of the active exploitation of CVE-2021-42237, a remote code execution flaw in the Sitecore Experience Platform (Sitecore XP).
Bleeping Computer
CISA warns of breach risks from IDOR web app vulnerabilities
CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA).
Bleeping Computer
FBI confirms BianLian ransomware switch to extortion only attacks
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have published a joint advisory to inform organizations of the latest tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs) of the BianLian ransomware group.
DataBreaches
Australian Cyber Security Centre reports multiple victims of LockBit 2.0 ransomware
David Simmons reports: A ransomware attack called LockBit 2.0 has hit multiple organisations across various industry sectors according to the Australian Cyber...
SecurityWeek
Governments Issue Warning After Play Ransomware Hits Hundreds of Organizations
US and Australian government agencies warn organizations of the Play ransomware group’s double-extortion tactics.
ZDNet
Australia sees rise in cybercrimes on back of 'destructive' ransomware, state actors
Australia Cyber Security Centre says the number of reported cybercrime cases climbed almost 13% in the past year, with state actors an ongoing threat and ransomware the "most destructive".
DataBreaches
#StopRansomware: BianLian Ransomware Group
Release Date: May 16, 2023 Alert Code: AA23-136A Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish...
ZDNet
Check your SPF records: Wide IP ranges undo email security and make for tasty phishes | ZDNet
With parts of the Australian private sector, governments at all levels, and a university falling foul of wide IP ranges in a SPF record, it might be time to check yours.
Bleeping Computer
FBI: Play ransomware breached 300 victims, including critical orgs
The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities.
The Record
‘Cyberspace has become a battleground,’ warns Australian Cyber Security Centre
The Australian Cyber Security Centre received over 76,000 cybercrime reports during the last financial year — an increase of nearly 13%.
SecurityWeek
US, Australian Cybersecurity Agencies Publish List of 2021's Top Malware
A new joint cybersecurity advisory from CISA and the Australian Cyber Security Centre details 2021’s top malware strains.
DataBreaches
Push to ban ransomware payments following Australia’s biggest cyberattack
Luke Huigsloot reports: The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local...
Bleeping Computer
FBI reveals top targeted vulnerabilities of the last two years
A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years.
DataBreaches
New Australian bill would force companies to disclose ransomware payments
Catalin Cimpanu reports: Australian lawmakers have filed on Monday a new bill that would mandate that local companies inform the Australian Cyber Security...
ZDNet
Australia releases cloud security reference guides for SMBs
Australian Cyber Security Centre unveils several guides to help small and midsize businesses safeguard their cloud infrastructures and against common cybersecurity incidents.
Cyber Security News
Play Ransomware Infected Over 300 Organizations Worldwide : FBI Warns
The Play ransomware group, also going by the name Playcrypt, has been affecting several kinds of enterprises as well as vital infrastructure.
DataBreaches
Australian Clinical Labs says data of 223,000 people hacked
Australian Clinical Labs said on Thursday its Medlab Pathology business suffered a data breach that affected health records and credit card information of...
DataBreaches
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
Release Date: November 21, 2023 Alert Code: AA23-325A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
SecurityWeek
US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications
US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications.
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
DataBreaches
CISA Alert (AA22-040A): 2021 Trends Show Increased Globalized Threat of Ransomware
Summary In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact...
ZDNet
Companies warned to boost cyber defence in wake of Ukraine crisis escalation
Australian Prime Minister warns the country could face retaliatory cyber attacks as sanctions are placed on Russia.
SecurityWeek
Ransomware Targeted 14 of 16 U.S. Critical Infrastructure Sectors in 2021
In a joint advisory, US, UK, and Australian government agencies outline the growing threat that ransomware poses to organizations.
The Record
Save the Children International hit with cyberattack, but says operations weren’t impacted
The global charity organization Save the Children International confirmed that it was recently hit with a cyberattack after a ransomware group claimed to have breached the organization’s systems.
ZDNet
Singapore advises local firms to beef up cyberdefence amidst Ukraine conflict | ZDNet
No reports of immediate threats yet, but Singapore's cybersecurity agency has issued an advisory note for local organisations to bolster their online systems and safeguard their data against possible cyber attacks.
Infosecurity News
US and Australia Warn of Play Ransomware Threat
A joint advisory by US and Australian government agencies urges organizations to protect themselves against Play group’s tactics
The Record
U.S. and Australian security agencies release list of 2021's 'top' malware strains
The most commonly seen malware strains in 2021 include Agent Tesla, Qakbot, TrickBot, GootLoader and several others, according to a new list released by CISA and the Australian Cyber Security Centre.
Infosecurity News
#RSAC: Ransomware Poses Growing Threat to Five Eyes Nations
Representatives of four of the five Five Eyes nations outlined the growing threat ransomware poses and approaches to thwart it
ZDNet
Ransomware warning: Attacks are rising, and they'll keep coming if victims keep paying | ZDNet
A joint alert by cybersecurity agencies warns about the increasing damage done by ransomware attacks - and offers advice on how to counter the threat.
DataBreaches
Understanding Ransomware Threat Actors: LockBit
Alert Code AA23-165A CISA has posted an advisory on LockBit. SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues...
DarkReading
BianLian Cybercrime Group Changes Attack Methods, CISA Advisory Notes
CISA urges small and midsized organizations as well as critical infrastructures to implement mitigations to shield from further attacks.
CSO
Major Australian ports shut down following cyber incident
DP World Australia restricted port operations for two days following the discovery of a cyber incident.
ZDNet
Europe's biggest car dealer hit with ransomware attack | ZDNet
Emil Frey confirmed that the ransomware attack took place in January.
Security Affairs
CISA published 2021 Top 15 most exploited software vulnerabilities
Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity agencies of the United States, Australia, Canada, New Zealand, and the United […]
Infosecurity News
NCSC Warns Against Chinese Cyber Attacks on Critical Infrastructure
The threat actors used sophisticated tactics to evade detection during their malicious activities
Infosecurity News
NSA and Allies Uncover Russian Snake Malware Network in 50+ Countries
Cybercriminals used Snake to retrieve confidential documents related to international relations
Bleeping Computer
FBI, CISA, and NSA warn of hackers increasingly targeting MSPs
Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they're increasingly targeted by supply chain attacks.
Latest Hacking News
New Alerts Issued For CitrixBleed Flaw Following Active Exploits
Given the continuous rise in active exploitation of the now-known CitrixBleed flaw, governments issued new alerts to patch unpatched Netscaler systems. The recent alerts originate from the Government of Australia and the United States, alongside
Infosecurity News
Australia and US Issue Warning About Web App Threats
The advisory issues recommendations for developers and end users on reducing the prevalence of access control vulnerabilities
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
The Record
Australia’s .au domain administrator denies data breach after ransomware posting
The organization that manages Australia’s internet domain .au denied that it was affected by a data breach on Friday after a ransomware gang added it to their list of victims.
Cyber Security News
Chinese Hackers Attack US Critical Infrastructure Using Network Administration Tools
The US and global cybersecurity agencies have issued a joint advisory to bring attention to the activities of "Volt Typhoon," a state-sponsored cyber actor from China.
ZDNet
Beware of state actors stepping up attacks on managed service providers: Cyber agencies | ZDNet
Cyber agencies advise users to check contracts to ensure providers have sufficient security controls in place.
Cyber Security News
NSA, CISA Released Guidance And Best Practices To Secure The AI
In an era where artificial intelligence (AI) systems are becoming increasingly integral to our daily lives, the National Security
ZDNet
US Cyber Command links MuddyWater to Iranian intelligence | ZDNet
Official notice confirms suspicion that the group is state-backed.
The Cyber Express
Australian Valuation Firm HTW Hit by Data Breach, Banks Halt New Work
Herron Todd White (HTW), an Australian valuation firm, finds itself in troubled waters as it grapples with the aftermath of
The Hacker News
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
Cybersecurity agencies in Australia and the U.S. have issued a joint advisory warning about IDOR security flaws in web apps that can lead to breaches.
Bleeping Computer
Citrix warns admins to kill NetScaler user sessions to block hackers
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.
Cyber Security News
Authorities Warns that Russian Hackers Attack Critical Infrastructure
Russia’s invasion of Ukraine has triggered several things globally. Even cyber attacks aren’t an exception. As tensions rise over Russia and Ukraine, the U.S and its allied countries have been imposing several economic costs against Russia and the materials provided to them.
Cyber Security News
Ransomware Gangs Are Collaborating To Attack Financial Services Firms
The Cyber-Extortion Trinity—the BianLian, White Rabbit, and Mario ransomware gangs—was observed by researchers working together to launch a joint extortion campaign against publicly traded financial services companies.
Infosecurity News
Five Eyes Nations Issue New Supply Chain Security Advisory
The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive data
The Cyber Express
Republic Shipping Targeted in BianLian Ransomware Cyberattack
Republic Shipping Consolidators, a prominent logistics company, finds itself entangled in the web of a cyberattack orchestrated by the notorious
Infosecurity News
Five Eyes Warn of Ivanti Vulnerabilities Exploitation
Government agencies from the Five Eyes coalition said that Ivanti’s own tools are not sufficient to detect compromise
ZDNet
Log4j flaw: Attackers are 'actively scanning networks' warns new CISA guidance | ZDNet
The FBI's Bryan Vorndran urged organizations attacked through the vulnerability to contact them or CISA about the issue.
Security Affairs
Cybersecurity agencies published a joint LockBit ransomware advisory
The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. The advisory was published by Cybersecurity and Infrastructure Security Agency (CISA), […]
Security Affairs
Citrix provides additional measures to address Citrix Bleed
Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability.
CSO
Five Eye nations release new guidance on smart city cybersecurity
Australia, Canada, New Zealand, UK, and US offer advice on potential smart city vulnerabilities and how to mitigate them.
Bleeping Computer
Cybersecurity agencies reveal top exploited vulnerabilities of 2021
In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021.
The Record
CISA, Australia warn of IDOR vulnerabilities after major breaches
Cybersecurity agencies in the U.S. and Australia warned Thursday of a specific brand of vulnerabilities that allow hackers to change or delete data by using the identities of users allowed to access the information.
SecurityWeek
Backup Plays Key Role in Ransomware Response, But Not a Complete Solution
The ransomware model continues to evolve, and shows no sign of becoming less profitable for the criminals
Bleeping Computer
Insurer AXA hit by ransomware after dropping support for ransom payments
Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack. As seen by BleepingComputer yesterday, the Avaddon ransomware group claimed on their leak site that they had stolen over 3 TB of sensitive data from AXA's Asian operations.
Infosecurity News
LockBit Affiliates Exploiting Citrix Bleed, Government Agencies Warn
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
ZDNet
Telstra reminds organisations that managing cyber risks is not having 'bank-level security'
Australia's incumbent telco has launched a new service to help its customers comply with recent reforms, which may entail building risk management programs.
The Cyber Express
BianLian Ransomware Strikes Lindsay Municipal Hospital: Another US Institution Under Attack
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive
The Hacker News
Chinese Hackers Used ScanBox Framework in Recent Cyber Espionage Attacks
A Chinese hacker group conducted a months-long cyber espionage campaign against several entities using ScanBox Reconnaissance Framework to gather info
Bleeping Computer
MITRE shares this year's list of most dangerous software bugs
MITRE shared this year's top 25 most common and dangerous weaknesses impacting software throughout the previous two calendar years.
Bleeping Computer
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines.
Bleeping Computer
The Week in Ransomware - August 13th 2021 - The rise of LockBit
This week we saw an existing operation rise in attacks while existing ransomware operations turn to Windows vulnerabilities to elevate their privileges.
Ars Technica
Chinese state hackers infect critical infrastructure throughout the US and Guam
Group uses living-off-the-land attack and infected routers to remain undetected.
The Cyber Express
MediSecure Data Breach Confirms Impact on Personal and Health Information of Individuals
A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure
The Record
Experts warn of hacker claiming access to 50 U.S. companies through breached MSP
Experts have raised alarms about a post on a hacker forum by someone claiming to have access to 50 different U.S. companies through an unknown managed service provider.
ZDNet
Just in time? Bosses are finally waking up to the cybersecurity threat | ZDNet
Cybersecurity chiefs say that boardrooms are asking better questions, but is the money there to back this up?
Bleeping Computer
MITRE releases new list of top 25 most dangerous software bugs
MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years.
DarkReading
Cyber Conflict Overshadowed a Major Government Ransomware Alert
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
The Record
Log4Shell, ProxyLogon and Atlassian bug top CISA's list of routinely exploited vulnerabilities in 2021
CISA Director Jen Easterly said the 2021 list is a reminder that "malicious cyber actors go back to what works."
CSO
DXC Technology says global network is not compromised following Latitude Financial breach
IT services provider DXC sparked questions after quietly publishing a note that its networks were not compromised following the Latitude Financial breach.
CSO
7 countries unite to push for secure-by-design development
Agencies from across seven countries come together to create a guidance that aims to remove the burden of security from the technology buyer.
ZDNet
Hackers are using tech services companies as a 'launchpad' for attacks on customers | ZDNet
Alert from international cybersecurity agencies urges IT service providers and their customers to protect networks from attack.
SecurityWeek
CISOs and Board Reporting – an Ongoing Problem
For CISOs to gain board support, they must translate and report technical cybersecurity concerns and solutions into language that can be understood.
Bleeping Computer
The Week in Ransomware - February 11th 2022 - Maze, Egregor decryptors
We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations.
CSO
Five Eyes nations warn MSPs of stepped-up cybersecurity threats
The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.
The Hacker News
What is the Essential Eight (And Why Non-Aussies Should Care)
The Essential Eight strategies are designed specifically for use on Windows networks.
Bleeping Computer
The Week in Ransomware - May 14th 2021 - One down, many more to go
Ransomware took the media spotlight this week after a ransomware gang known as DarkSide targeted critical infrastructure in the USA.
Naked Security
FTC warns of LGBTQ+ extortion scams – be aware before you share!
It’s a simple jingle and it’s solid advice: “If in doubt, don’t give it out!”
The Cyber Express
TCE Cyberwatch: A Look at This Week’s Top Cybersecurity Incidents
The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.
Trend Micro
Gootkit Loader Actively Targets Australian Healthcare Industry
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player.
The DFIR Report
2021 Year In Review
As we come to the end of the first quarter of 2022, we want to take some time to look back over our cases from 2021, in aggregate, and look at some of the top tactics, techniques and procedures (TTP's) we observed.
The DFIR Report
2022 Year in Review - The DFIR Report
As we move into the new year, it’s important to reflect on some of the key changes and developments we observed and reported on in 2022. This year’s year-in-review report … Read More