US Govt. overhauls nations’ cybersecurity strategy

Recent cybersecurity incidents such as SolarWinds and the Colonial Pipeline were a “sobering”. The recent cybersecurity attacks on US government and private enterprises have caused the government to overhaul its cybersecurity strategy, with President Biden signed an Executive Order to improve the nation’s cybersecurity and protect federal government networks. Recent…

Read More

Ongoing exploitation of Ivanti Pulse Connect Secure vulnerabilities

US and Australian government agencies issue warnings and advice. The Cybersecurity and Infrastructure Security Agency (CISA) of the United States, is aware of compromises affecting government agencies, critical infrastructure entities, and other private sector organisations by a cyber threat actor—or actors—beginning in June 2020 or earlier related to vulnerabilities in…

Read More

Global warning on Fortinet vulnerabilities

APT actors exploit vulnerabilities to gain initial access for future attacks. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises organisations using Fortinet devices that Advanced Persistent Actors (APT’s) have been observed exploiting the following vulnerabilities: CVE-2018-13379 – Fortinet Path Traversal CVE-2020-12812 – Fortinet 2 Factor Authentication bypass CVE-2019-5591 – Fortinet Man-in-the-middle…

Read More

Cyber warfare has new battlegrounds

Companies have yet to address vulnerabilities in their Microsoft Exchange, leaving them open to cyber criminals. The Australian Cyber Security Centre (ACSC) has identified a large number of Australian organisations are yet to patch vulnerable versions of Microsoft Exchange, leaving them vulnerable to compromise. The ACSC urges these organisations to…

Read More

The Australian Cyber Security Centre issues security alerts

Australian Government’s lead security agency sends out warnings. The Australian Cyber Security Centre (ACSC), the Australian Government lead agency for cyber security has sent out a number of high alerts for vulnerabilities in a number of software products, including Accellion which affected Singapore telecommunications provider, Singtel. According to the ACSC…

Read More

Australian Cyber Security Centre updates security framework for CIOs, CISOs

The cyber security principles is to provide strategic guidance on how organisations can protect their systems and data. The Australian Cyber Security Centre has released its latest update of the Australian Government Information Security Manual. The purpose of the Australian Government Information Security Manual (ISM) is to outline a cyber…

Read More

ACSC has observed a sharp rise in cyber criminal activity

By 2030 an estimated 21 billion devices are expected to be connected to the global internet. Abigail Bradshaw, Head of the Australian Cyber Security Centre (ACSC) emphasised the shared responsibility for cyber security across Australian communities, industries, and government. During her speech to the Institute of Public Administration Australia, earlier…

Read More

5G Forum plan to bring out two new specifications

Creating interoperability with two major sets of technical specifications. The 5G Future Forum will release its first technical specifications to its members in August 2020, to enable interoperability for 5G and Multi-access Edge Computing (MEC) deployment. There will be two major sets of technical specifications: The “MEC Experience Management” technical…

Read More