Malicious cyber actors are actively targeting Australians

Key cyber threats affecting Australia and provides vital advice on to protect businesses online. The Australian Cyber Security Centre (ACSC) has released its  Annual Cyber Threat Report 2020–21, highlighting the key cyber threats affecting Australian systems and networks, and uses strategic assessments, statistics, trends analysis, and case studies to describe…

Read More

APCERT drill themed supply chain attack through spear-phishing

APAC countries come together to reflect on real-life cyber security incidents. The Asia Pacific Computer Emergency Response Team has successfully completed its annual drill to test the response capability of leading Computer Security Incident Response Teams (CSIRT) within the Asia Pacific economies. The theme of this year’s APCERT Drill is…

Read More

Global cyber agencies share top routinely exploited vulnerabilities

Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…

Read More

SonicWall devices targeted with ransomware utilising stolen credentials

Review their networks for the presence of affected SonicWall products. The Australian Cyber Security Centre has issued an alert over SonicWall, a network and cyber security appliance vendor, reporting that ransomware activity is currently targeting their Secure Mobile Access (SMA) and Secure Remote Access (SRA) products. This ransomware activity is…

Read More

ACSC updates Essential Eight Maturity Model

The Essential Eight Maturity Model, first published in June 2017 and updated regularly. The Australian Cyber Security Centre (ACSC) has further strengthened the implementation guidance for the Essential Eight through changes that reflect its experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing and assisting organisations to…

Read More

Cybercriminals targeting construction companies with email scams

ACSC sends out warning The Australian Cyber Security Centre (ASCS) has observed a growing trend affecting construction companies and their customers. In the past six months there has been an increase in cybercriminals targeting builders and construction companies to conduct business email compromise (BEC) scams within Australia. In a BEC scam, cybercriminals…

Read More

ACSC calls for partner volunteers to help with raising critical infrastructure security

ACSC’s Critical Infrastructure Uplift Program to protect essential services from cyber security. The ACSC is calling for ACSC Partners to help pilot the Critical Infrastructure Uplift Program (CI-UP). CI-UP will help protect Australia’s essential services from cyber threats by raising the security levels of critical infrastructure organisations. CI-UP is part of the Australian Signals Directorate’s…

Read More

US Govt. overhauls nations’ cybersecurity strategy

Recent cybersecurity incidents such as SolarWinds and the Colonial Pipeline were a “sobering”. The recent cybersecurity attacks on US government and private enterprises have caused the government to overhaul its cybersecurity strategy, with President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent…

Read More

Ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities

US and Australian government agencies issue warnings and advice. The Cybersecurity and Infrastructure Security Agency (CISA) of the United States, is aware of compromises affecting government agencies, critical infrastructure entities, and other private sector organisations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in…

Read More