Remote Work Drives U.S. Surge in Security Challenges, Cloud Usage: ManageEngine Report Top 3 Attack Vectors Are Phishing, Endpoint Network Attacks and Malware; 74% of US Companies Increased Their Use of Cloud Solutions Due to the COVID-19 Pandemic
Critical vulnerabilities present in certain versions of Apple iOS, macOS and Safari
A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.
ACSC has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia. The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the ACSC is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.
Cybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.
Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Encryption Whenever you send private data to another computer or server on the internet, which happens many times a day, thereis some risk involved. It's a bit like Little Red Riding Hood's mother sending her to her grandmother's house on the other side of the woods. Those woods, which she has to cross alone without defence, have an assortment of dangers.
The Australian Cyber Security Centre (ACSC) is aware an ongoing ransomware campaign utilising the Avaddon Ransomware malware. This campaign is actively targeting Australian organisations in a variety of sectors. This advisory provides details of Avaddon threat actors, dark web activity, targeted countries and sectors, the malware infection chain, and known Techniques, Tools, and Procedures (TTPs). If activity is identified relating to this advisory please report any findings to the ACSC.
Pradeo’s Mobile Threat Defense services are now integrated with Knox Manage, Samsung’s mobile device management (MDM) solution available with Knox Suite. Starting today, organizations can simply automate the protection of their mobile fleet, knocking out in a few clicks all the increasing cyberthreats (such as malware or data exfiltration) targeting enterprise mobility.
Just before Christmas 2018, the Federal Government quietly unveiled its new Digital Economy Strategy - titled Australia's Tech Future (PDF).