Mar 21, 2019 - Norsk Hydro, a Norwegian aluminium and renewable energy company was subject to a Ransomware attack on Tuesday, 19 March 2019. The company confirmed the attack in a statement on their website
Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected. More information about the update can be found here
Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that due to their involvement in illegal material, the recipient’s personal information such as; addresses, contact information and information relating to their relative/s are contained in a case file. The recipient is advised they can avoid arrest by paying a $10,000 USD in bitcoin.
Mar 8, 2019 - Network engineering, common sense and top-grade resilience have propelled Kylie McDevitt into her role in the heart of cyber security in Australia’s capital. Kylie is the director of a security research and engineering team within the Australian Cyber Security Centre (ACSC) and is also founder of BSides Canberra – the largest hacker forum in Australia. Better known by her Twitter handle @kylieengineer, she has much wisdom to share about studying and working as a minority since the 1990s.
Mar 8, 2019 - The Australian Cyber Security Centre (ACSC) advises Google Chrome users update their browser in order to patch a known vulnerability. Google has released Chrome version 72.0.3626.121 for Mac, Windows and Linux. The update addresses a vulnerability which allows a remote attacker to take control of an affected system. The ACSC recommends users apply the necessary updates to ensure their systems are best protected.
Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers.
Feb 19, 2019 - During the course of the investigation into the recent compromise of the Australian Parliament House network, the ACSC has identified that networks of some political parties have also been affected by a cyber security incident. In speeches delivered to Parliament on Monday 18 February 2019, Prime Minister Scott Morrison and Opposition Leader Bill Shorten acknowledged the Australian security and intelligence community have detected malicious activity by a sophisticated state actor, on the networks of a number of Australian political parties including Liberal, Labor and The…
Feb 7, 2019 - The Australian Cyber Security Centre (ACSC) urges organisations to step up efforts to protect themselves from cyber criminals, after the December quarter Notifiable Data Breaches Quarterly Statistics Report revealed an increase in reported malicious or criminal activity. The Office of the Australian Information Commissioner (OAIC) report found that malicious or criminal activity was the leading cause of data breaches in the quarter at 64 per cent of notifications, an increase from the previous quarter's 57 per cent.
Feb 5, 2019 - Today marks Safer Internet Day (SID), and the Australian Cyber Security Centre (ACSC) is a proud partner in supporting this year's theme -- 'Together for a better internet'. SID is an annual, worldwide event led by the Office of the eSafety Commissioner. This year they are encouraging individuals to create a better internet by developing four critical skills known as the 4Rs: Respect, Responsibility, Reasoning and Resilience.
Feb 1, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a phone scam asking staff members of a critical infrastructure organisation to reveal their multifactor authentication credentials. The scammers seek to convince staff members to reveal their credentials by impersonating the service desk on a direct telephone call.