
ACSC warns Australian companies against Russian malware

Juan J. Monroe February 28, 2022

The Australian Cyber Security Centre (ACSC) has issued a high alert notice to help Australian organizations detect destructive Russian malware used to target sites in Ukraine. “Australian organizations should urgently adopt a strengthened cybersecurity posture,” it said.

“Organizations should act now and follow the advice of the ACSC to improve their cybersecurity resilience in light of the heightened threat environment,” the ACSC said. “While the ACSC is not aware of any current or specific threats to Australian organizations, the adoption of a strengthened cybersecurity posture and increased threat monitoring will help reduce the impacts on Australian organizations.

“The ACSC is aware of reports that threat actors have deployed destructive malware to target organizations in Ukraine. This advisory provides additional Indicators of Compromise (IOCs) to help organizations detect WhisperGate and HermeticWiper destructive malware.

“Destructive malware can pose a direct threat to an organization’s day-to-day operations, affecting the availability of critical assets and data.

“Australian organizations must continue to remain vigilant against the threat of ransomware. Threat actors suspected of being associated with Conti have claimed they will target unspecified critical infrastructure in response to cyber or military actions against Russia. The ACSC has published a profile on Conti’s background, threat activity and mitigation tips. Tactics, techniques, and procedures associated with Conti ransomware are included in the profile.

“This notice has been compiled with respect to the MITRE ATT&CK® framework, a globally accessible knowledge base of adversary tactics and techniques, based on real-world observations, and draws on information from ACSC partner agencies and AI sources industry.”

Initial access:

Spear-phishing emails can be sent with malicious HTML attachments. The lures of spear-phishing emails can be tailored to the targeted organization. HTML (.html) files can contain an obfuscated JavaScript payload, which seeks to mount an .ISO file, much like an external drive. A .lnk file executes a hidden .dll file, which in turn executes other payloads such as Cobalt Strike.
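A triage heuristic for the HTML-attachment technique described above, added here as an example and not taken from the ACSC advisory or this article: it scores an attachment on static indicators of an embedded disk image. The patterns, threshold, function names and both sample attachments are constructed assumptions.

```python
import base64
import binascii
import re

# Indicator patterns and the threshold are assumptions of this example.
BLOB_RE = re.compile(r"[A-Za-z0-9+/=]{200,}")  # long base64-like run
JS_BUILD_RE = re.compile(r"new\s+Blob\s*\(|createObjectURL|msSaveOrOpenBlob|atob\s*\(", re.I)
DOWNLOAD_RE = re.compile(r"download\s*=\s*[\"']?[^\"'>\s]+\.(iso|img|vhd|lnk)\b", re.I)
FLAG_THRESHOLD = 2


def decodes_to_iso(blob):
    """True if the base64 run decodes to data carrying the ISO 9660 signature."""
    try:
        raw = base64.b64decode(blob + "=" * (-len(blob) % 4))
    except (binascii.Error, ValueError):
        return False
    # "CD001" follows the type byte of the volume descriptor at offset 0x8000.
    return raw[0x8001:0x8006] == b"CD001"


def score_html_attachment(html):
    """Return (flagged, reasons) for the text of one HTML attachment."""
    reasons = []
    blobs = BLOB_RE.findall(html)
    if blobs:
        reasons.append("large embedded base64 payload")
    if any(decodes_to_iso(b) for b in blobs):
        reasons.append("payload decodes to an ISO 9660 image")
    if JS_BUILD_RE.search(html):
        reasons.append("script assembles a file in the browser")
    if DOWNLOAD_RE.search(html):
        reasons.append("download name has a disk-image or shortcut extension")
    return len(reasons) >= FLAG_THRESHOLD, reasons


def constructed_samples():
    """Build (suspicious, benign) sample attachments; both are made up for this example."""
    image = b"\x00" * 0x8000 + b"\x01CD001" + b"\x00" * 32  # bare ISO 9660 header, no content
    payload = base64.b64encode(image).decode()
    suspicious = ("<html><script>var d=atob('" + payload + "');"
                  "var a=document.createElement('a');"
                  "a.href=URL.createObjectURL(new Blob([d]));"
                  "a.download='invoice.iso';a.click();</script></html>")
    benign = "<html><p>Minutes attached.</p><a href='https://example.com/'>Portal</a></html>"
    return suspicious, benign


if __name__ == "__main__":
    for name, body in zip(("suspicious", "benign"), constructed_samples()):
        print(name, score_html_attachment(body))
```

Obfuscated script can hide these strings, so an unflagged attachment is not cleared; the result is a triage signal ahead of sandbox analysis.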

Threat actors use brute force techniques to identify valid account credentials for domain and M365 accounts. After obtaining domain credentials, actors use them to gain initial access to networks.

Threat actors send spear-phishing emails containing links to malicious domains and use publicly available URL shortening services to hide the link. Embedding shortened URLs instead of malicious actor-controlled domains is an obfuscation technique intended to circumvent virus and spam scanning tools. The technique often promotes false legitimacy with the email recipient, increasing the likelihood that a victim will click on the link.

Threat actors use credentials collected in conjunction with known vulnerabilities, for example, CVE-2020-0688 and CVE-2020-17144, on public applications, such as virtual private networks (VPNs), to elevate privileges and obtain remote code execution (RCE) on exposed applications. Additionally, threat actors exploited CVE-2018-13379 on FortiClient to gain credentials to access networks.

Actors gained initial access to victim organizations by compromising trusted third-party software. Notable incidents include MEDoc accounting software and SolarWinds Orion.

The ACSC is monitoring the situation and is able to provide assistance or advice as needed. Organizations that have been affected or need assistance can contact the ACSC via 1300 CYBER1 (1300 292 371).

More information here.
