Cybersecurity practices in Australia’s financial sector have improved marginally but are still falling far short of expectations, according to the latest in a series of ASIC audits that is tracking the maturity of cybersecurity controls in the critical industry sector. Many companies had “overly ambitious targets” for improving their cybersecurity posture when ASIC conducted its last audit, the organisation concluded in its “Cyber Resilience of Firms...
Read More
The Apache Log4j vulnerability has made global headlines since it was discovered in early December. The flaw has impacted vast numbers of organizations around the world as security teams have scrambled to mitigate the associated risks. Here is a timeline of the key events surrounding the Log4j vulnerability as they have unfolded. Thursday, December 9: Apache Log4j zero-day exploit discoveredApache released details on a critical vulnerability...
Read More
Despite a recent decline in attacks, ransomware still poses significant threats to enterprises, as the attacks against healthcare organizations demonstrated this month. It is also becoming more capable. In particular, ransomware writers are aware that backups are an effective defense and are modifying their malware to track down and eliminate the backups. Ransomware targeting backups Ransomware will now delete any backups it happens to come across along...
Read More