Security News

Australia's government has announced it will compel social media companies to reveal the identities of users who post material considered defamatory. Just how social media companies will be made to identify users was not explained, nor has a bill been posted that would shed light on how the law would operate - but an "Exposure draft" of the law was promised "In the coming week" ahead of a consultation process.

Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Fortinet FortiOS vulnerabilities dating back to March 2021 as well as a remote code execution flaw affecting Microsoft Exchange Servers since at least October 2021, according to the U.S. Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, the Australian Cyber Security Centre, and the U.K.'s National Cyber Security Centre.

Australia's Attorney-General has submitted the first draft of a new Online Privacy Bill that contains striking reforms over existing privacy laws. The goal of the new bill is to modernize the legislative context that underpins online data protection and security and make new laws tight enough to enforce data handling practices by Internet entities.

Australia's Minister for Home Affairs has announced the "Australian Government's Ransomware Action Plan," which is a set of new measures the country will adopt in an attempt to tackle the rising threat. Ransomware is a global problem, and Australian businesses aren't excluded from costly service-disrupting attacks.

Australia, the United States of America, and the United Kingdom have signed a new defence and technology-sharing pact. Dubbed AUKUS, the headline item of the pact is assistance from the UK and US to help Australia build nuclear-powered submarines that are interoperable with their own fleets.

Tanium announced that its cloud-based endpoint visibility and control solution, Tanium as a Service, is now available via local data centers in Canada, the UK, Brazil and Australia to support customers. By delivering TaaS via local data centers, Tanium is able to provide customers in these regions with enhanced TaaS performance, better support for their compliance programs and high-fidelity endpoint data to inform their critical IT decisions.

The world's largest meat distributor shut down some operations in both the United States and Australia over the Memorial Day weekend after a cyberattack on its IT systems that could have a significant effect on the food supply chain if not resolved quickly. Though JBS did not disclose which of its U.S. operations were affected, in Australia JBS shut down operations across the states of Queensland, Victoria, New South Wales and Tasmania, according to JBS Australia CEO Brent Eastwood told Beef Central.

The Federal Bureau of Investigation and the Australian Cyber Security Centre are warning of an ongoing Avaddon ransomware campaign targeting organizations from an extensive array of sectors in the US and worldwide. "The Australian Cyber Security Centre is aware of an ongoing ransomware campaign utilizing the Avaddon Ransomware malware [.] actively targeting Australian organisations in a variety of sectors," the ACSC added [PDF].

Australia has decided that six-year-old children need education on cyber-security, even as it removes other material from the national curriculum. A newly revised draft of the national curriculum for children aged five to sixteen, launched yesterday, added a new strand titled "Considering privacy and security" that "Involves students developing appropriate techniques for managing data, which is personal, and effectively implementing security protocols."

The first "Quad summit" of leaders from Australia, India, Japan, and the USA has announced the group will create a "Critical and Emerging Technology Working Group". The joint "Spirit of the Quad" statment said the group will: "Respond to the economic and health impacts of COVID-19, combat climate change, and address shared challenges, including in cyber space, critical technologies, counterterrorism, quality infrastructure investment, and humanitarian-assistance and disaster-relief as well as maritime domains."