Nov 8, 2019 - Overview The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed an ongoing and widespread campaign of malicious emails designed to spread Emotet across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies. Emotet provides an attacker with a foothold in a network from which additional attacks can be performed, often leading to further compromise through the deployment of ransomware.
Oct 1, 2019 - Overview The Australian Signals Directorate’s Australian Cyber Security Centre is aware of a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution. We advise users to ensure their systems are patched and up to date. The Pulse VPN Vulnerability, also known as CVE-2019-11510, was initially disclosed in April 2019 but has resurfaced after multiple reports of exploitation and the disclosure of working exploits available for use on Pastebin and GitHub.
Aug 5, 2019 - TLP: WHITE
Jul 30, 2019 - ICS-CERT Alerts - An ICS-CERT Alert is intended to provide timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks. ICS-CERT Advisories - Advisories provide timely information about current security issues, vulnerabilities, and exploits.
Jul 24, 2019 - The ACSC is aware of a sextortion scam email campaign targeting the Australian community. The ACSC, Office of the eSafety Commissioner and Scamwatch have received over 300 reports this week. This scam may appear to originate from an individual’s own email address and threatens to release personal and sensitive information unless the scammer is paid money.
Jul 3, 2019 - The ACSC has observed a large number of unprotected network and database/storage services hosted on Australian IP address ranges. This exposure may lead to data contained in these services being compromised. The ACSC urges organisations to check their externally facing internet services and ensure appropriate access controls and protections are in place.
Jun 6, 2019 - Vulnerability The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability.
May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.
Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Cyber Security Centre (ACSC) in May 2018. The information is designed for use by technical cyber security officers within Australian infrastructure organisations, large businesses and government agencies. This report includes indicators for web hosting providers and their customers to determine if they are victims of the campaign, which uses simple techniques and poses a risk for such organisations.
Dec 21, 2018 - The ACSC investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider. The compromise reflects those detailed in a 2017 public report ‘Operation Cloud Hopper’, which outlines APT10’s targeting of MSPs to leverage existing relationships with their customers and gain access to their customer networks.