CSO
ACSC and CISA launch step-by-step business continuity instructions for SMBs
Business Continuity in a Box is a set of instructions to help businesses maintain communications and continuity of critical applications following a cyber incident.
CSO
Business Continuity in a Box is a set of instructions to help businesses maintain communications and continuity of critical applications following a cyber incident.
Bleeping Computer
The Australian Cyber Security Centre (ACSC) warns of an increase of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021.
Bleeping Computer
The Australian Cyber Security Centre (ACSC) says Conti ransomware attacks have targeted multiple Australian organizations from various industry verticals since November.
DataBreaches
Release Date: July 27, 2023 Alert Code: AA23-208A SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity...
Bleeping Computer
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide.
Bleeping Computer
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released today a list of the most detected malware strains during last year in a joint advisory with the Australian Cyber Security Centre (ACSC).
Bleeping Computer
The Australian Cyber Security Center (ACSC) is alerting web admins of the active exploitation of CVE-2021-42237, a remote code execution flaw in the Sitecore Experience Platform (Sitecore XP).
Bleeping Computer
CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA).
Bleeping Computer
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Cyber Security Centre (ACSC) have published a joint advisory to inform organizations of the latest tactics, techniques, and procedures (TTPs) and known indicators of compromise (IOCs) of the BianLian ransomware group.
DataBreaches
David Simmons reports: A ransomware attack called LockBit 2.0 has hit multiple organisations across various industry sectors according to the Australian Cyber...
SecurityWeek
US and Australian government agencies warn organizations of the Play ransomware group’s double-extortion tactics.
ZDNet
Australia Cyber Security Centre says the number of reported cybercrime cases climbed almost 13% in the past year, with state actors an ongoing threat and ransomware the "most destructive".
DataBreaches
Release Date: May 16, 2023 Alert Code: AA23-136A Summary Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish...
ZDNet
With parts of the Australian private sector, governments at all levels, and a university falling foul of wide IP ranges in a SPF record, it might be time to check yours.
Bleeping Computer
The Federal Bureau of Investigation (FBI) says the Play ransomware gang has breached roughly 300 organizations worldwide between June 2022 and October 2023, some of them critical infrastructure entities.
The Record
The Australian Cyber Security Centre received over 76,000 cybercrime reports during the last financial year — an increase of nearly 13%.
SecurityWeek
A new joint cybersecurity advisory from CISA and the Australian Cyber Security Centre details 2021’s top malware strains.
DataBreaches
Luke Huigsloot reports: The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local...
Bleeping Computer
A joint security advisory issued today by several cybersecurity agencies from the US, the UK, and Australia reveals the top 30 most targeted security vulnerabilities of the last two years.
DataBreaches
Catalin Cimpanu reports: Australian lawmakers have filed on Monday a new bill that would mandate that local companies inform the Australian Cyber Security...
ZDNet
Australian Cyber Security Centre unveils several guides to help small and midsize businesses safeguard their cloud infrastructures and against common cybersecurity incidents.
Cyber Security News
The Play ransomware group, also going by the name Playcrypt, has been affecting several kinds of enterprises as well as vital infrastructure.
DataBreaches
Australian Clinical Labs said on Thursday its Medlab Pathology business suffered a data breach that affected health records and credit card information of...
DataBreaches
Release Date: November 21, 2023 Alert Code: AA23-325A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to...
SecurityWeek
US and Australian government agencies provide guidance on addressing access control vulnerabilities in web applications.
SecurityWeek
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
DataBreaches
Summary In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact...
ZDNet
Australian Prime Minister warns the country could face retaliatory cyber attacks as sanctions are placed on Russia.
SecurityWeek
In a joint advisory, US, UK, and Australian government agencies outline the growing threat that ransomware poses to organizations.
The Record
The global charity organization Save the Children International confirmed that it was recently hit with a cyberattack after a ransomware group claimed to have breached the organization’s systems.
ZDNet
No reports of immediate threats yet, but Singapore's cybersecurity agency has issued an advisory note for local organisations to bolster their online systems and safeguard their data against possible cyber attacks.
Infosecurity News
A joint advisory by US and Australian government agencies urges organizations to protect themselves against Play group’s tactics
The Record
The most commonly seen malware strains in 2021 include Agent Tesla, Qakbot, TrickBot, GootLoader and several others, according to a new list released by CISA and the Australian Cyber Security Centre.
Infosecurity News
Representatives of four of the five Five Eyes nations outlined the growing threat ransomware poses and approaches to thwart it
ZDNet
A joint alert by cybersecurity agencies warns about the increasing damage done by ransomware attacks - and offers advice on how to counter the threat.
DataBreaches
Alert Code AA23-165A CISA has posted an advisory on LockBit. SUMMARY In 2022, LockBit was the most deployed ransomware variant across the world and continues...
DarkReading
CISA urges small and midsized organizations as well as critical infrastructures to implement mitigations to shield from further attacks.
CSO
DP World Australia restricted port operations for two days following the discovery of a cyber incident.
ZDNet
Emil Frey confirmed that the ransomware attack took place in January.
Security Affairs
Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity agencies of the United States, Australia, Canada, New Zealand, and the United […]
Infosecurity News
The threat actors used sophisticated tactics to evade detection during their malicious activities
Infosecurity News
Cybercriminals used Snake to retrieve confidential documents related to international relations
Bleeping Computer
Members of the Five Eyes (FVEY) intelligence alliance today warned managed service providers (MSPs) and their customers that they're increasingly targeted by supply chain attacks.
Latest Hacking News
Given the continuous rise in active exploitation of the now-known CitrixBleed flaw, governments issued new alerts to patch unpatched Netscaler systems. The recent alerts originate from the Government of Australia and the United States, alongside
Infosecurity News
The advisory issues recommendations for developers and end users on reducing the prevalence of access control vulnerabilities
The Hacker News
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
The Record
The organization that manages Australia’s internet domain .au denied that it was affected by a data breach on Friday after a ransomware gang added it to their list of victims.
Cyber Security News
The US and global cybersecurity agencies have issued a joint advisory to bring attention to the activities of "Volt Typhoon," a state-sponsored cyber actor from China.
ZDNet
Cyber agencies advise users to check contracts to ensure providers have sufficient security controls in place.
Cyber Security News
In an era where artificial intelligence (AI) systems are becoming increasingly integral to our daily lives, the National Security
ZDNet
Official notice confirms suspicion that the group is state-backed.
The Cyber Express
Herron Todd White (HTW), an Australian valuation firm, finds itself in troubled waters as it grapples with the aftermath of
The Hacker News
Cybersecurity agencies in Australia and the U.S. have issued a joint advisory warning about IDOR security flaws in web apps that can lead to breaches.
Bleeping Computer
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.
Cyber Security News
Russia’s invasion of Ukraine has triggered several things globally. Even cyber attacks aren’t an exception. As tensions rise over Russia and Ukraine, the U.S and its allied countries have been imposing several economic costs against Russia and the materials provided to them.
Cyber Security News
The Cyber-Extortion Trinity—the BianLian, White Rabbit, and Mario ransomware gangs—was observed by researchers working together to launch a joint extortion campaign against publicly traded financial services companies.
Infosecurity News
The joint advisory is designed to enable transparent discussions between MSPs and their customers on securing sensitive data
The Cyber Express
Republic Shipping Consolidators, a prominent logistics company, finds itself entangled in the web of a cyberattack orchestrated by the notorious
Infosecurity News
Government agencies from the Five Eyes coalition said that Ivanti’s own tools are not sufficient to detect compromise
ZDNet
The FBI's Bryan Vorndran urged organizations attacked through the vulnerability to contact them or CISA about the issue.
Security Affairs
The LockBit ransomware group successfully extorted roughly $91 million from approximately 1,700 U.S. organizations since 2020. According to a joint advisory published by cybersecurity agencies, the LockBit ransomware group has successfully extorted roughly $91 million in about 1,700 attacks against U.S. organizations since 2020. The advisory was published by Cybersecurity and Infrastructure Security Agency (CISA), […]
Security Affairs
Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability.
CSO
Australia, Canada, New Zealand, UK, and US offer advice on potential smart city vulnerabilities and how to mitigate them.
Bleeping Computer
In partnership with the NSA and the FBI, cybersecurity authorities worldwide have released today a list of the top 15 vulnerabilities routinely exploited by threat actors during 2021.
The Record
Cybersecurity agencies in the U.S. and Australia warned Thursday of a specific brand of vulnerabilities that allow hackers to change or delete data by using the identities of users allowed to access the information.
SecurityWeek
The ransomware model continues to evolve, and shows no sign of becoming less profitable for the criminals
Bleeping Computer
Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack. As seen by BleepingComputer yesterday, the Avaddon ransomware group claimed on their leak site that they had stolen over 3 TB of sensitive data from AXA's Asian operations.
Infosecurity News
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
ZDNet
Australia's incumbent telco has launched a new service to help its customers comply with recent reforms, which may entail building risk management programs.
The Cyber Express
The Lindsay Municipal Hospital cyberattack has been claimed by the BianLian ransomware group. This nefarious organization, known for its disruptive
The Hacker News
A Chinese hacker group conducted a months-long cyber espionage campaign against several entities using ScanBox Reconnaissance Framework to gather info
Bleeping Computer
MITRE shared this year's top 25 most common and dangerous weaknesses impacting software throughout the previous two calendar years.
Bleeping Computer
Conti ransomware operation is using the critical Log4Shell exploit to gain rapid access to internal VMware vCenter Server instances and encrypt virtual machines.
Bleeping Computer
This week we saw an existing operation rise in attacks while existing ransomware operations turn to Windows vulnerabilities to elevate their privileges.
Ars Technica
Group uses living-off-the-land attack and infected routers to remain undetected.
The Cyber Express
A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure
The Record
Experts have raised alarms about a post on a hacker forum by someone claiming to have access to 50 different U.S. companies through an unknown managed service provider.
ZDNet
Cybersecurity chiefs say that boardrooms are asking better questions, but is the money there to back this up?
Bleeping Computer
MITRE shared today this year's list of the top 25 most dangerous weaknesses plaguing software during the previous two years.
DarkReading
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
The Record
CISA Director Jen Easterly said the 2021 list is a reminder that "malicious cyber actors go back to what works."
CSO
IT services provider DXC sparked questions after quietly publishing a note that its networks were not compromised following the Latitude Financial breach.
CSO
Agencies from across seven countries come together to create a guidance that aims to remove the burden of security from the technology buyer.
ZDNet
Alert from international cybersecurity agencies urges IT service providers and their customers to protect networks from attack.
SecurityWeek
For CISOs to gain board support, they must translate and report technical cybersecurity concerns and solutions into language that can be understood.
Bleeping Computer
We saw the Maze ransomware developers reemerge briefly this week as they shared the master decryption keys for the Egregor, Maze, and Sekhmet ransomware operations.
CSO
The warning likely comes in response to an increase in attacks on managed service providers, through which threat actors can access their clients.
The Hacker News
The Essential Eight strategies are designed specifically for use on Windows networks.
Bleeping Computer
Ransomware took the media spotlight this week after a ransomware gang known as DarkSide targeted critical infrastructure in the USA.
Naked Security
It’s a simple jingle and it’s solid advice: “If in doubt, don’t give it out!”
The Cyber Express
The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.
Trend Micro
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player.
The DFIR Report
As we come to the end of the first quarter of 2022, we want to take some time to look back over our cases from 2021, in aggregate, and look at some of the top tactics, techniques and procedures (TTP's) we observed.
The DFIR Report
As we move into the new year, it’s important to reflect on some of the key changes and developments we observed and reported on in 2022. This year’s year-in-review report … Read More