Russian state-sponsored and criminal cyber threats

Cybercrime groups have threatened to conduct cyber operations. Evolving intelligence indicates that the Russian government is exploring options for potential cyberattacks. Recent Russian state-sponsored cyber operations have included distributed denial-of-service (DDoS) attacks, and older operations have included deployment of destructive malware against Ukrainian government and critical infrastructure organizations. Additionally, some cybercrime groups…

Read More

ANZ security leaders think outdated security approaches are failing

Legacy thinking has security leaders and businesses investing in solutions. Vectra AI, a leader in threat detection and response, today released a new report highlighting how today’s organisations are continuing to fail, tackling complex, modern cyber threats using outdated methods. Vectra’s Security Leaders Research Report found that legacy thinking has security leaders…

Read More

2021 top routinely exploited vulnerabilities

The cybersecurity authorities encourage organizations to apply the recommendations. Summary This joint Cybersecurity Advisory (CSA) was co-authored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber…

Read More

Ukraine war has complicated the way cybercriminals launder funds

However, they are adapting. It’s becoming clear that Russia’s invasion of Ukraine has complicated the means through which cybercriminals launder funds, but they are adapting. I thought you might be interested in comment from risk intelligence firm Flashpoint, based on discussions analysts have observed in recent months. Sanctions introduced against Russia, coupled with…

Read More

Australian organisations should adopt enhanced cyber security

Prioritise these actions to defend against malicious cyber activity. Organisations should prioritise the following actions to mitigate against threats posed by a range of malicious cyber actors. Many actors use common techniques such as exploiting internet-facing applications and spear phishing to compromise victim networks. Organisations should ensure they have implemented mitigations…

Read More

Global cyber agencies share top routinely exploited vulnerabilities

Four of the most targeted vulnerabilities in 2020 involved remote work. The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Cyber Security Centre (ACSC), United Kingdom’s National Cyber Security Centre (NCSC) and Federal Bureau of Investigation (FBI) released a joint cybersecurity advisory highlighting the top Common Vulnerabilities and Exposures (CVEs) routinely…

Read More

ACSC identifies vulnerable Microsoft Exchange deployments

Multiple actors taking advantage of unpatched systems to attack those with on-premises Exchange Server. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has identified extensive targeting, and has confirmed compromises, of Australian organisations with vulnerable Microsoft Exchange deployments.  The ACSC is assisting affected organisations with their incident response and…

Read More

Vietnam denies it was behind phishing emails targeting China

Fireye says threat example of latest COVID-19 related espionage The Vietnamese Government has come out and denied it was behind phishing emails targeting the Chinese city of Wuhan and China’s Ministry of Emergency Management. According to Reuters Vietnam’s Foreign Ministry said the reports from Fireye, were “baseless”. “The accusation is…

Read More