The Australian Government is taking steps to become the most cyber secure country in the world by 2030, with the announcement of a new national office for cyber security and the launch of a consultation on a seven-year cyber security strategy. Home Affairs Minister Clare O’Neil said the office would be led by a new senior official with the title of coordinator for cyber security, with...
Read More
Victoria’s auditor-general has expressed concern over the increasing number of weaknesses in IT controls in the state's local government sector. According to a new audit, the office found more IT control weaknesses due to increased scrutiny. These weaknesses included access management, policies and procedures, logging and monitoring, backup and recovery, and change management. The auditor-general noted that poor IT controls increase the risk of unauthorised access, cyber-attacks,...
Read More
Today, Google announced that it is working with ecosystem partners to strengthen the security of firmware that interacts with Android. This is part of the company's defense-in-depth strategy, which seeks to protect the platform from malicious attacks. The Android operating system runs on what is known as the application processor (AP), but it is only one of many processors on a system-on-chip (SoC). These processors are...
Read More
The security of Fortinet FortiNAC appliances is under attack, with proof-of-concept exploit code now available and active exploitation attempts in the wild. FortiNAC is a zero-trust network access solution that can be deployed both as a hardware device or as a virtual machine appliance, and is used for network segmentation, visibility, and control of devices and users connected to the network. With more than 700,000 Fortinet...
Read More
Medibank has suffered a financial blow of up to $45 million as a result of a security breach in October. The attack saw an intruder gain access to the insurer's systems using a misconfigured firewall, bypassing the need for a digital security certificate. In response, Medibank has implemented additional security measures, including increased internal and third-party monitoring, and re-examining data management in light of potential changes...
Read More
On February 23, 2023, Jamf Threat Labs uncovered evasive cryptocurrency mining malware targeting macOS systems. The XMRig coin miner was being deployed as a trojanized version of the legitimate application Final Cut Pro, a video editing software from Apple. The malicious mining process was found to be sourced from Pirate Bay, with uploads dating back to 2019. It is believed that the malware was delivered as...
Read More