Sep 29, 2018 - Recent media reports suggest third-party solutions built on ACSC Certified Cloud Services automatically inherit ACSC certification. This is not accurate. Any solution or service built on a certified cloud service does not automatically inherit the awarded certification of the supporting infrastructure and is not certified by the ACSC, unless it is also listed on the CCSL.
Sep 29, 2018 - The ACSC is aware of a security issue affecting 50 million Facebook user accounts. A flaw in the "View As" feature allowed attackers to steal Facebook access tokens, which could be used to take over user's accounts. Access tokens are the equivalent of digital keys that allow users to remain logged into Facebook. 'This attack exploited the complex interaction of multiple issues in our code. It stemmed from a change we made to our video uploading feature in July 2017, which impacted the "View As" feature', Facebook stated on their website.
Sep 28, 2018 - This week Cisco Systems released its semi-annual Software Security Advisory Report detailing a number of vulnerabilities in its IOS and IOS XE switch and router operating software. Cisco, a manufacturer of networking hardware and telecommunications equipment, listed a total of 13 vulnerabilities which, if left unpatched, could enable an attacker to gain system privileges or cause a denial of service (DoS) on an affected device. Cisco has labelled all of the 13 vulnerabilities a Security Impact Rating (SIR) of High.
Sep 21, 2018 - Supporting and protecting senior members of our community from online threats is an important focus for the Australian Government, according to the Minister for Home Affairs, Peter Dutton. ‘We want to say to all Australians, particularly older Australians – as they use internet banking, as they converse online, as they use social media, as they answer their emails – we want people to think twice before they provide any details online,’ Minister Dutton told the House of Representatives this week.
Sep 19, 2018 - Cyber security is everyone’s responsibility as we work together to share and use the information that builds communities and strengthens our families, businesses and governments. To improve the use of public sector data and develop better digital services for people and businesses, the Australian Digital Council recently held its first Ministerial Council where governments shared their ideas about smarter services and opportunities for working together.
Sep 17, 2018 - Always question unexpected requests for your personal or financial information, and keep your passwords safe. Netflix warned subscribers at the weekend about a malicious email campaign that entices users to follow a 'link' to update bank details, but which instead gives cyber criminals access to your bank account. If you suspect you have received a fraudulent email or text message that appears to be from the company, Netflix advises that you follow these tips to keep your information safe and secure:
Sep 17, 2018 - Fraudsters often try to exploit our willingness to help those in need, as Australians have experienced in the aftermath of devastating cyclones. The National Cybersecurity and Communications Integration Centre (NCCIC) in the United States has warned users and administrators to be vigilant for malicious cyber activity in the aftermath of Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites.
Sep 13, 2018 - As the digital economy expands across the Pacific, cyber criminals are extending their reach into the lives of our neighbours. Amid this more complex cyber ecosystem, a broader concept of security that includes cyber security has been affirmed by the Forty-Ninth Pacific Islands Forum in Nauru. "Tackling cybercrime needs the close involvement of governments and businesses, and we're working hard to strengthen cyber security together" said Alastair MacGibbon, Head of the Australian Cyber Security Centre (ACSC). "It's important that there aren’t any safe havens"
Sep 12, 2018 - British Airways is continuing to investigate the theft of customer data and warns that fraudsters pretending to be from the airline may try to gather more personal information. ‘We are investigating, as a matter of urgency, the theft of customer data between 22:58 BST August 21 2018 until 21:45 BST September 5 2018 from our website, ba.com, and our mobile app,’ British Airways said. ‘Our website is now working normally.’
Sep 11, 2018 - Losing control of your email service is devastating, even if your company has merged or shut down. A domain name is a core foundation of every business and email is an essential service. Allowing corporate domain names to expire puts businesses at risk, potentially exposing clients’ personal and confidential information, client-legal privileged information and financial details.