Kaseya offers patch for security flaw that led to ransomware

Mitigates ongoing risk to organisations of compromise through this activity. The Australian Cyber Security Centre (ACSC) has issued a “high alert” to organisations to patch their Kaseya VSA platform, which has just become available. In early July 2021, the Cybersecurity Infrastructure Security Agency (CISA) of the United States and the…

Read More

Cyber attackers will have weaponised operational technology environments 

Organisations can reduce risk by implementing a security control framework By 2025, cyber attackers will have weaponized operational technology (OT) environments to successfully harm or kill humans, according to Gartner, Inc. Attacks on OT – hardware and software that monitors or controls equipment, assets and processes – have become more common. They…

Read More

US White House and allies look to China on cyberattacks

Group of allies and partners – including the European Union, the United Kingdom, and NATO. The United States White House has believes the People’s Republic of China’s (PRC) are behind a number of cyberattacks. According to a statement released by the White House, the PRC are accused of “a number…

Read More

Victims penetrated by phishing had conducted anti-phishing training

Failure of traditional defences in preventing attacks Traditional ransomware defences are failing, with 54 per cent of all victims having anti-phishing training and 49 per cent having perimeter defences in place at the time of attack, according to a recently released report by Cloudian. Citing this and other findings from…

Read More

Thye Hua Kwan Moral Charities faces data breach

Singapore charity’s website was hacked The Personal Data Protection Commission (the “Commission”) received a data breach notification on 11 April 2020 from Thye Hua Kwan Moral Charities Limited (“THKMC”), after THKMC discovered that its website was hacked. Investigations revealed that malicious actors had gained access to the web content management…

Read More

TfNSW and Sydney Trains not effectively managing cyber security risks

Both NSW government agencies have assessed their cyber security risks as unacceptably high Transport for NSW and Sydney Trains are not effectively managing their cyber security risks. Significant weaknesses exist in their cyber security controls, and both agencies have assessed that their cyber risks are unacceptably high. According to the…

Read More

Singapore to build a foundation of trust

Government says digital transformation requires security. Singapore will commit another $50 million over the next five years to bolster its digital trust capabilities. According to Josephine Teo Minister for Communications and Information, this initiative will bring together industry players, research institutions, and institutes of higher learning to drive research and…

Read More

ACSC updates Essential Eight Maturity Model

The Essential Eight Maturity Model, first published in June 2017 and updated regularly. The Australian Cyber Security Centre (ACSC) has further strengthened the implementation guidance for the Essential Eight through changes that reflect its experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing and assisting organisations to…

Read More