Feb 6, 2020 - Overview The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family. At this time, the ACSC is unaware whether these incidents are indicative of a broader campaign. Details Currently, the ACSC has limited information about the initial intrusion vector for Mailto infections.
Aug 5, 2019 - TLP: WHITE
Jul 24, 2019 - The ACSC is aware of a sextortion scam email campaign targeting the Australian community. The ACSC, Office of the eSafety Commissioner and Scamwatch have received over 300 reports this week. This scam may appear to originate from an individual’s own email address and threatens to release personal and sensitive information unless the scammer is paid money.
Jul 3, 2019 - The ACSC has observed a large number of unprotected network and database/storage services hosted on Australian IP address ranges. This exposure may lead to data contained in these services being compromised. The ACSC urges organisations to check their externally facing internet services and ensure appropriate access controls and protections are in place.
Jun 6, 2019 - Vulnerability The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability.
May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.