Cybersecurity

Participants can earn up to $100,000 for finding severe flaws in Microsoft's Linux-based Azure Sphere IoT operating system.  Azure Sphere was unveiled in April 2018 as a means to improve security for devices connected to the Internet of Things (IoT). It's made up of three parts: connected microcontrollers, a Linux-based OS and custom kernel to power them, and a security service to protect the connected devices....

The Coronavirus crisis introduces critical operational challenges to business continuity, placing high stress on organisations' management. As a result, CIOs and CISOs face a double challenge on the cyber risk front – apart from the new risks that the mass transfer of employees working remotely brings, capturing the management mindshare for further investments in security becomes harder than ever. The Definitive Corona Cyber Security for Management PPT...

Records Management is intended to help businesses manage security and data governance as more struggle to handle increased amounts of data and regulatory requirements.  Microsoft today announced the general availability of Records Management in Microsoft 365, a new tool built to help businesses protect and manage sensitive data. Many struggle to create strong security, privacy, and risk capabilities, especially as the pandemic shifts operations.  A new Harvard...

In the last few months, multiple groups of attackers successfully compromised corporate email accounts of at least 156 high-ranking officers at various firms based in Germany, the UK, Netherlands, Hong Kong, and Singapore. Dubbed 'PerSwaysion,' the newly spotted cyberattack campaign leveraged Microsoft file-sharing services—including Sway, SharePoint, and OneNote—to launch highly targeted phishing attacks. According to a report Group-IB Threat Intelligence team published today and shared with The...

In November 2019, the Australian Signals Directorate’s Australian Cyber Security Centre coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies. The series involved two exercises, a 2-day operational exercise and a strategic discussion exercise. The exercises were designed to strengthen industry and governments’ coordinated response to a significant cyber incident affecting Australia’s electricity sector. Participants were from the electricity industry,...

Cybersecurity researchers from ESET said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency.The botnet, named "VictoryGate," has been active since May 2019, with infections mainly reported in Latin America, particularly Peru accounting for 90% of the compromised devices."The main activity of the botnet is mining Monero cryptocurrency," ESET...

A new malware campaign has been found using coronavirus-themed lures to strike government and energy sectors in Azerbaijan with remote access trojans (RAT) capable of exfiltrating sensitive documents, keystrokes, passwords, and even images from the webcam. The targeted attacks employ Microsoft Word documents as droppers to deploy a previously unknown Python-based RAT dubbed "PoetRAT" due to various references to sonnets by English playwright William Shakespeare. "The RAT...

Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes, the Australian Cyber Security Centre (ACSC) has warned in a new threat update. Since 10 March 2020 the ACSC has: received more than 95 cybercrime reports about Australians losing money or personal information to COVID-19 themed scams and online frauds, responded to 20 cyber security incidents affecting COVID-19...

'Mozi' combines code from three previously known IoT malware.  Researchers at CenturyLink have found a new malware family that combines code from at least three other previously known malware to target Internet of Things (IoT) devices.  Devices infected with "Mozi," as CenturyLink is calling the new malware, are being assembled into an IoT botnet that can be used to launch distributed denial-of-service (DDoS) attacks, for data exfiltration,...

With increasing numbers of Australians working from home to combat the spread and impact of COVID-19, the Australian Cyber Security Centre (ACSC) has issued a new advisory containing tips to reduce the risk of Australians falling victim to cybercriminals at home. ACSC Head, Ms Abigail Bradshaw CSC, said the dramatic increase in people working from home – many of them for the first time, and the...