Skip to main content

News

Who will be Australia’s next Boss of the SOC?

Aug 28, 2018 - The Australian Cyber Security Centre (ACSC) and Splunk are teaming up this week to host Australia’s largest ever cyber security challenge. Challenging their defensive skills, 350 cyber security analysts and engineers from industry, academia and government will test themselves using Splunk and other cyber security tools and techniques.

Apache advises urgent patching of Struts

Aug 24, 2018 - Developers, organisations and companies are being urged to upgrade Apache Struts today to ensure critical infrastructure and customer data is not put at risk. The new remote code execution vulnerability affects all supported versions of Apache Struts 2, Apache Software Foundation said. Apache Struts is a globally popular framework used for creating Java web applications. A patched version has been released today.

A new approach to cyber security in Australia

Aug 20, 2018 - Threats to our cyber safety and security are intensifying as cyber criminals target our homes, businesses, phones and computers, infrastructure and community. Now working from new purpose-built headquarters, the Australian Cyber Security Centre (ACSC) is building on decades of quiet success by Australian agencies. Officially opened by Prime Minister Malcolm Turnbull, the ACSC demonstrates the Australian Government"s commitment to online security in a world where new threats are always emerging.

New Intel recommendations for L1TF vulnerability

Aug 15, 2018 - Intel has released new recommendations for processors affected by a vulnerability called L1 Terminal Fault (L1TF) to help you protect yourself against the theft of information. These vulnerabilities, if not protected against, could in some circumstances let cyber criminals steal information stored on your computer or in the cloud. These processor flaws remind us that we should all be adhering to cyber security best practice, including updating our operating systems and apps as soon as patches are available.
Feature - Password security

New Google Chrome update to highlight website security

Jul 26, 2018 - A new version of Google Chrome is now available that marks websites that don’t use HTTPS encryption as ‘not secure’. The ACSC advises all website owners to configure their website to serve web content only via the encrypted HTTPS protocol, and not via the unencrypted HTTP protocol.
Perth JCSC

First Joint Cyber Security Centre opens in Western Australia

Jul 12, 2018 - Last week the Attorney-General, the Hon Christian Porter, officially opened the Perth Joint Cyber Security Centre (JCSC), the first centre of its kind to open in the West. The Head of the ACSC, Alastair MacGibbon, welcomed guests including the Chair of the Parliamentary Joint Committee on Intelligence and Security and Federal Member for Canning, WA, Mr Andrew Hastie MP, and senior representatives from across government, industry, academia and law enforcement. The Attorney-General spoke about the importance of government working with industry to help Australian organisations…

Ransomware continues to target Australians

Jul 1, 2018 - The Australian Cyber Security Centre (ACSC) is asking Australians to remain vigilant of ransomware and the damage it can cause. The Centre is urging all Australians, including businesses owners and operators to patch their systems. "Ransomware continues to be one of the greatest cyber security threats to us all. And due to its non-discriminatory nature, if your network is unprotected you may fall victim" said head of the Australian Cyber Security Centre Alastair MacGibbon.

Fed up with Phishing?

Jul 1, 2018 - Would you 'click here' and enter your bank account or credit card numbers, passwords or birthdate because you received an email or text that looks like it's from a bank or government department? If you answered 'yes', there's no need to feel ashamed. Cyber criminals are tricking more and more of us into sharing our most sensitive information. It's the most common type of scam reported in Australia, according to the latest data.

Combat DNS infrastructure hijacking

Jul 1, 2018 - The Australian Cyber Security Centre (ACSC) is aware of a global Domain Name System (DNS) infrastructure hijacking campaign and urges organisations to protect their systems. 'We encourage administrators to follow best practices, including our Essential Eight mitigation strategies, to better safeguard their systems,' said Alastair MacGibbon, Head of the ACSC.

Expanded agreement on incident management arrangements

Jul 1, 2018 - The Council of Australian Governments has today agreed to expanded Cyber Incident Management Arrangements (CIMA), increasing national cyber defences through improved cooperation across jurisdictions. The CIMA outlines the inter-jurisdictional coordination arrangements and principles for Australian Governments’ cooperation in response to national cyber incidents.

2018 - Launching into action

Jul 1, 2018 - Working from new purpose-built headquarters after its official launch in August, the ACSC and its network of Joint Cyber Security Centres (JCSCs) across the country are building on decades of quiet success by Australian agencies. The ACSC, part of the Australian Signals Directorate (ASD), demonstrates the Australian Government's commitment to cyber security in a world where new threats are always emerging.
Data protection

PageUp data incident

Jun 18, 2018 - On Friday 1 June 2018 PageUp Limited, an online recruitment services organisation, notified their customers about a data incident in relation to the integrity of their systems proactively informing of a possible breach. PageUp self-identified suspicious activity on its network and undertook immediate actions to investigate and contain the incident. PageUp notified their corporate customers and the Australian Cyber Security Centre (ACSC) of the issue, enabling the ACSC to quickly assess the incident and support PageUp in their response. In line with the new Notifiable Data…
Browsealoud

ACSC statement on cryptocurrency miner inserted into BrowseAloud

Feb 12, 2018 - Main points The ACSC has become aware of an unauthorised cryptocurrency miner inserted in the BrowseAloud website plugin made by Texthelp. If organisations are using this plugin the ACSC advises your internal networks and websites are not at risk of compromise. Texthelp has released a statement advising that personal and customer data has not been accessed or lost. The security issue has been addressed by Texthelp and the BrowseAloud plugin has been temporarily taken offline, pending investigation. Recommendations
MSP Partner Program

MSP Global Hack

Feb 11, 2018 - Global hack of MSPs affects Australian organisations Cyber security compromises of managed service providers (MSPs) globally, including Australia, have been exposed. These compromises were a concerted campaign to steal commercial secrets from the customers of MSPs for commercial advantage.
Cisco logo

Exploitation of Critical Cisco ASA Vulnerability

Feb 10, 2018 - The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof of concept code is now available which results in a denial of service condition on targeted vulnerable devices. Cisco first released a security advisory on 29 January detailing the vulnerability and affected devices but has since identified additional attack vectors and released additional, more comprehensive patches.
Intel Meltdown and Spectre images

Update on processor vulnerabilities (Meltdown/Spectre)

Jan 29, 2018 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption. Intel has released an advisory recommending that users cease deployment of the current microcode update (Root Cause of Reboot Issue Identified).

ACSC and AISA seal partnership deal for a secure cyber future

Jan 29, 2018 - The Australian Cyber Security Centre (ACSC) and the Australian Information Security Association (AISA), Australia’s peak body for information security professionals, have joined forces to further strengthen Australia’s cyber security posture and achieve a cyber secure nation. Together the organisations will deliver a high impact program of events in 2019, including a bigger and better Australian Cyber Conference in Melbourne 7-9 October, replacing the ACSC Conference.
Intel inside logo

ACSC statement on reports of Intel Active Management Technology (AMT) security issue

Jan 16, 2018 - The ACSC is aware of reporting that devices with Intel Active Management Technology (AMT) have an insecure default behaviour that could allow an attacker to bypass security controls on the device. AMT is a management feature of Intel products that enables administrators to remotely manage devices. The feature is found on devices such as laptops, desktops and servers.

News ACSC Statement on Reports of Speculative Execution Flaws in Processors

Jan 4, 2018 - Main Points Security researchers have developed methods involving speculative execution to read kernel memory from user space on a variety of processors from a range of vendors produced in the last decade. At this point there is no indication that the reported flaws are being actively exploited by malicious cyber actors.

Wi-Fi protocol vulnerabilities

Oct 17, 2017 - Researchers have identified security vulnerabilities in the Wi-Fi WPA2 protocol which may make all Wi-Fi enabled devices, such as mobiles, computers and internet routers, vulnerable to malicious actors stealing sensitive information such as credit card numbers, passwords and emails. Malicious actors within range of an affected Wi-Fi device may be able to exploit this vulnerability. At this stage there are no reports of this vulnerability being exploited in Australia.
Router

Routers targeted

Aug 16, 2017 - The Australian Cyber Security Centre (ACSC) is aware that cyber adversaries are extracting configuration files from the routers and switches of a number of Australian organisations. We have no evidence at this stage to suggest that home users are directly impacted by this threat. Identifying vulnerable devices Switches with Cisco Smart Install accessible from the internet, and routers or switches with Simple Network Management Protocol (SNMP) enabled and exposed to the internet, are vulnerable to this activity.
Petya ransom message

Update on the initial infection vector of the Petya ransomware campaign

Jun 29, 2017 - From reports and analysis performed to date, this version of the ransomware appears to have been delivered via a malicious software update for My Electronic Document (M.E.Doc), which is accounting software used by Ukrainian-based companies. It appears that almost all affected organisations can be linked back to Ukraine either through direct or indirect connections. While only a relatively small number of organisations have been impacted globally, for those affected the impact has been severe.

News Microsoft June 2017 patches for older platforms

Jun 15, 2017 - Latest Microsoft security updates address multiple critical vulnerabilities in Windows operating systems

Ransomware campaign impacting organisations globally

May 13, 2017 - Key points The ACSC is aware of a large-scale ransomware campaign impacting many organisations globally, including the UK's National Health Service. The campaign has various names including 'WannaCry', 'WanaCryt0r', 'WanaCrypt', 'WanaDecryptor', 'WanaCry' or 'Wana'.

2016 Australian Cyber Security Centre Survey

Apr 15, 2017 - This is the first Australian Cyber Security Centre (ACSC) Cyber Security Survey to look across both the government and private sectors in combination. It provides an overview of how prepared Australian organisations are to meet the growing cyber threat.

Global targeting of enterprises via managed service providers

Apr 4, 2017 - Key points Managed Service Providers have been targeted in a global cyber campaign since at least mid-2016. This includes some companies that also operate in Australia.

2015 Cyber Security Survey: Major Australian Businesses

Dec 15, 2015 - The 2015 Australian Cyber Security Centre (ACSC) Cyber Security Survey of major Australian businesses was conducted to obtain a better picture of Australian organisations’ understanding of cyber threats and how they are positioned to secure their networks.

The Australian Internet Security Initiative Report

Oct 1, 2015 - Prior to July 2017, the Australian Internet Security Initiative (AISI) was administered by the Australian Communications and Media Authority (ACMA), which undertook research in relation to the value and role of the program. The research consisted of 24 interviews with ISPs and universities and found many of the internet providers interviewed relied solely on the AISI malware reports for information about malware infections. Internet providers usually notified their customers of their malware infection by email. More than half of the providers interviewed also provided step-by…