Russian APT28 hackers, also known as Fancy Bear and other aliases, have been targeting unpatched Cisco routers in a malware operation since 2021. The UK National Cyber Security Centre (NCSC) and the US' National Security Agency, Cybersecurity and Infrastructure Security Agency, and the FBI issued a joint advisory outlining the APT28 exploitation tactics. The attackers exploited CVE-2017-6742, a bug in the Simple Network Management Protocol (SNMP)...
Read More
Microsoft Unveils 'Security Copilot' Tool to Boost Cybersecurity Efforts. Microsoft has launched a new tool designed to help cyber security professionals detect and identify breaches and threat signals more efficiently. Called 'Security Copilot', the tool is powered by OpenAI's latest GPT-4 generative artificial intelligence model. Its primary function is to aid security analysts in tasks such as summarising incidents, analysing vulnerabilities, and sharing information with colleagues...
Read More
Moyne Shire Council Detects and Halts Unauthorized Access Incident at Kindergarten. Officials at Moyne Shire Council, located in Victoria, have reported that they have identified and terminated an unauthorised access incident on a device at a council-run kindergarten. The council disclosed that the incident occurred on March 3 and targeted an "electronic device...
Read More
The Australian Government is taking steps to become the most cyber secure country in the world by 2030, with the announcement of a new national office for cyber security and the launch of a consultation on a seven-year cyber security strategy. Home Affairs Minister Clare O’Neil said the office would be led by a new senior official with the title of coordinator for cyber security, with...
Read More
Victoria’s auditor-general has expressed concern over the increasing number of weaknesses in IT controls in the state's local government sector. According to a new audit, the office found more IT control weaknesses due to increased scrutiny. These weaknesses included access management, policies and procedures, logging and monitoring, backup and recovery, and change management. The auditor-general noted that poor IT controls increase the risk of unauthorised access, cyber-attacks,...
Read More
Attention readers, if you are using Chrome on your Windows, Mac, and Linux computers, you need to update your web browsing software immediately to the latest version Google released earlier today. With the release of Chrome 78.0.3904.87, Google is warning billions of users to install an urgent software update immediately to patch two high severity vulnerabilities, one of which attackers are actively exploiting in the wild...
Read More
A team of German cybersecurity researchers has discovered a new cache poisoning attack against web caching systems that could be used by an attacker to force a targeted website into delivering error pages to most of its visitors instead of legitimate content or resources. The issue affects reverse proxy cache systems like Varnish and some widely-used Content Distribution Networks (CDNs) services, including Amazon CloudFront, Cloudflare, Fastly,...
Read More