Security News

Australian authorities have asked the United States Federal Bureau of Investigation to assist with investigations into the data breach at local telco Optus. Attorney general Mark Dreyfus yesterday revealed the FBI was asked to help identify the entities involved in the attack, which saw Optus leak data describing over ten million account holders.

An Australian man was charged for developing and selling the Imminent Monitor remote access trojan, used to spy on victims' devices remotely. Yesterday, the Australian Federal Police announced that they had charged an Australian man, age 24, for developing and selling the Imminent Monitor software.

A previously undocumented Chinese-speaking advanced persistent threat actor dubbed Aoqin Dragon has been linked to a string of espionage-oriented attacks aimed at government, education, and telecom entities chiefly in Southeast Asia and Australia dating as far back as 2013. This involved leveraging old and unpatched security vulnerabilities, with the decoy documents enticing targets into opening the files.

The Australian Competition & Consumer Commission is raising awareness about a spike in money recovery scams. The agency warns in an alert today that reports of money recovery scams this year have increased in Australia by 725% compared to the same period in 2021.

Ransomware attacks are proliferating as criminals turn to gangs providing turnkey post-compromise services, Britain's National Cyber Security Centre has warned. The warning comes hot on the heels of several high-profile attacks against oil distribution companies and also businesses that operate ports in the West - though today's note insists there was a move by criminals away from "Big game hunting" against US targets.

The United Kingdom and Australia have signed a Cyber and Critical Technology Partnership that will, among other things, transport criminals to a harsh penal regime on the other side of the world. What we do know is that the two nations have pledged to "Increase deterrence by raising the costs for hostile state activity in cyberspace - including through strategic co-ordination of our cyber sanctions regimes." That's code for both nations adopting the same deterrents and punishments for online malfeasance so that malfeasants can't shop jurisdictions to find more lenient penalties.

Australia's government has announced it will compel social media companies to reveal the identities of users who post material considered defamatory. Just how social media companies will be made to identify users was not explained, nor has a bill been posted that would shed light on how the law would operate - but an "Exposure draft" of the law was promised "In the coming week" ahead of a consultation process.

Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Fortinet FortiOS vulnerabilities dating back to March 2021 as well as a remote code execution flaw affecting Microsoft Exchange Servers since at least October 2021, according to the U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, the Australian Cyber Security Centre, and the U.K.'s National Cyber Security Centre.

Australia's Attorney-General has submitted the first draft of a new Online Privacy Bill that contains striking reforms over existing privacy laws. The goal of the new bill is to modernize the legislative context that underpins online data protection and security and make new laws tight enough to enforce data handling practices by Internet entities.

Australia's Minister for Home Affairs has announced the "Australian Government's Ransomware Action Plan," which is a set of new measures the country will adopt in an attempt to tackle the rising threat. Ransomware is a global problem, and Australian businesses aren't excluded from costly service-disrupting attacks.