On Friday, European Union lawmakers agreed to tougher cyber security rules for large energy, transport and financial firms, digital providers and medical device makers amid concerns about cyber attacks by state actors and other malicious actors. Two years ago, the European Commission proposed … [Read more...]
New report shows over 8 in 10 Aussie organisations have suffered ransomware attacks
While 85 per cent of Australian organisations have suffered a ransomware attack over the last five years, the worrying research has also indicated that 72 per cent of respondents tried to keep it quiet. Not only did the research uncover that some 85 per cent of Australian organisations suffer … [Read more...]
Cyber breach notification within 6 hours mandated in India
India’s mandate on a “six-hour” window for companies to notify authorities about cyber breaches is now in force under sweeping new regulations declared by the country’s Computer Emergency Response Team, CERT-In. The regulation applies to “service providers, intermediaries, data centres, body … [Read more...]
UKRAINE FOILS RUSSIAN CYBER ATTACK ON ELECTRICITY GRID
The Russian hackers attempted to knock out power to millions of Ukrainians in a long-planned attack last week but failed. According to Ukrainian government officials, at one targeted high-voltage power station, the hackers succeeded in penetrating and disrupting part of the industrial control … [Read more...]
RESEARCHERS REVEAL QAKBOT BOTNET BECOMING MORE DANGEROUS
Sophos has published a technical deep dive into Qakbot, explaining how the botnet is becoming more advanced and dangerous to organisations. In a new article, “Qakbot Injects Itself into the Middle of Your Conversations”, Sophos researchers detail a recent Qakbot campaign that shows how the botnet … [Read more...]
How do you ‘Identify’ using the NIST Cyber Security Framework
National Institute of Standards and Technology (NIST) maintains one of the most widely adopted cyber security frameworks for critical infrastructure. NIST Cyber Security Framework is a system to base the creation of policies and procedures on for the purposes of managing risk, security hardening … [Read more...]
Telegram exploited by cyber criminals and hacktivists during Russia-Ukraine conflict
Check Point Research (CPR) has been monitoring activities occurring on Telegram observed from around the current conflict after Russia attacked Ukraine. Telegram has become a digital forefront for cyber attacks, fraud and news feeds with cyber criminals and hacktivists leveraging the messaging … [Read more...]
ICS vulnerability reports double, accelerate in 2021
Disclosures of vulnerabilities in industrial control systems have spiked 110 per cent over the past four years, according to new research from Claroty. New findings from cyber security company Claroty’s Biannual ICS Risk & Vulnerability Report have revealed industrial control system (ICS) … [Read more...]
Proofpoint reports new state-sponsored threat exploiting Ukraine crisis
A new phishing attack could be exploiting the Ukraine crisis to target European government officials, Proofpoint has revealed. Cyber security company Proofpoint has identified a likely state-sponsored phishing campaign potentially using a compromised Ukrainian armed service member’s email account … [Read more...]
ZSCALER APPOINTS CISO, ASIA-PACIFIC AND ANZ
A new lead has been appointed to spearhead the company’s security operations in the region. Cloud security company Zscaler has appointed Heng Mok as chief information security officer (CISO), Asia-Pacific. Heng Mok, who will be based in Melbourne, will be responsible for leading the digital … [Read more...]