CyberCX Blog

Expert analysis, industry insights and latest news from our leading cyber security experts.

Location, location, location: Keeping track of risk with Microsoft Authenticator

One of the common security controls our customers implement to keep themselves safe and secure is region-specific conditional access policies.

Threat Advisory Update
Russian travel sanctions increase to target 387 Australians: Impacts for Australian organisations’ cyber risk

On 21 July, the Ministry announced sanctions against a further 39 Australians operating in border protection, law enforcement and immigration organisations, predominantly in the public service.

CyberCX Intelligence assesses this development materially increases cyber risk in the immediate to medium term for the sanctioned individuals and organisations directly connected to them.

Threat Advisory
Lessons Learned: Phishing and Impersonation Campaign Targeted Australian Organisations Through Abuse of e-Learning Provider

CyberCX proactively notified affected organisations and advised the e-learning provider of the persistent abuse of its services. 

CyberCX Intelligence has been unable to link this phishing campaign to a specific actor or financial motive, but assesses it is likely an at least moderately-resourced threat actor with sustained intent to target Australian organisations.

Threat Advisory
Russian travel sanctions against an additional 120 Australians: Impacts for Australian organisations’ cyber risk

On 16 June, the Russian Foreign Ministry announced sanctions against 120 Australians operating across the defence, government, mining, technology, think tank, higher education, entertainment and media sectors.

CyberCX Intelligence assesses this development materially increases cyber risk in the immediate to medium term for the sanctioned individuals and organisations directly connected to them.

Intelligence Update
Solomon-Islands-China Security Agreement: Implication for regional cyber risk

There is increasing diplomatic tension and instability in the Pacific, a development likely to also increase cyber risk for all organisations in Australia and New Zealand.

The Solomon Islands-China Security Cooperation Agreement (the Security Agreement) and associated actions will be key drivers in the Pacific cyber threat landscape.

Intelligence Update
A question of timing:
examining the circumstances surrounding the Nauru Police Force hack-and-leak

On 2 May 2022, 285,631 files stolen from the Nauru Police Force, including some relating to alleged human rights abuses in Australia’s offshore processing centres, were leaked.

CyberCX assesses that there are several anomalies that invite scepticism about the motivations of the threat actor and warrant further investigation. 

When Scanning Isn’t Enough: Practical Tips for Log4j Vulnerability Detection

The Log4j critical vulnerability (CVE-2021-44228) is being actively exploited and is a major concern for organisations worldwide.

Squeezing a balloon: How Australia's new ransomware laws will affect businesses

The Australian Government is beginning to legislate its ‘Ransomware Action Plan’ announced last October. But what does the Plan mean for Australian businesses and will it materially improve our country’s cyber threat landscape?

Change and disruption: How the Russia-Ukraine conflict is reshaping cyber crime

Australian and New Zealand organisations face a real chance of ransomware, data theft extortion or DDoS attacks by pro-Russia criminal groups and hacktivists.

CyberCX 2022 Budget Analysis

Cyber and critical technology are big ticket spending items for this federal Budget, as Australia heads into a federal election. In this post we set out the major spending measures, and what they could mean for Australian organisations and our broader threat landscape.

Threat Advisory Update
Russia/Ukraine conflict: Impacts for Australian and New Zealand organisations

CyberCX continues to urge all Australian and New Zealand organisations to adopt a posture of heightened cyber readiness and awareness.


Threat Advisory
Escalating geopolitical tensions between Russia, Ukraine and NATO members: Impacts for Australian and New Zealand organisations

The situation in Ukraine is actively evolving. CyberCX Cyber Intelligence is closely monitoring developments.

To pay or not to pay: In a ransomware attack, this is not always the question

The Australian Cyber Security Centre received nearly 500 reports of ransomware attacks against Australian organisations last financial year. 

Log4j Critical Vulnerability (CVE-2021-44228): Planning for the holidays

The Log4j/Log4Shell incident is continuing to evolve. We have seen both blue teams and red teams changing and improving their techniques to adapt.

Log4j Critical Vulnerability (CVE-2021-44228): Practical Tips to Protect Your Organisation

Over the weekend, the Log4j vulnerability kept security teams across the world at work...

Ten things you should know about ISO/IEC 27001

ISO 27001 is a risk-based compliance framework designed to help organisations effectively manage information security.

Enhancing protection of Australian critical infrastructure

Critical infrastructure law reform remains a major focus for the Australian Government in 2021.

CyberCX 2021 Budget Analysis

After experiencing one of the most challenging years in living memory, Australia has a unique opportunity to emerge from the

LogRhythm Zero Days

As a result of our team’s penetration testing and exploitation activities, we uncovered a series of high-risk vulnerabilities that could be chained together.