CyberCX Blog

Expert analysis, industry insights and latest news from our leading cyber security experts.

Budget nudges private sector closer to cyber frontline

What does the 2023-24 budget tell us about the Australian government’s approach to cyber as we approach the release of the reset cyber security strategy?

Azure SSRF Metadata

Find out how Azure-hosted services can be exploited through Server-Side Request Forgery (SSRF) attacks and what developers and system administrators can do to minimise these risks.

Celebrating privacy progress during Privacy Awareness Week

CyberCX, Australia and New Zealand’s leading provider of cyber security and cyber risk advisory services, has recognised organisations leading the market in Privacy by Design across their digital shopfronts.  

Cyber security is an ocean

The recent Australian Information Industry Association’s Digital Capability Uplift Program conference proved an exceptional opportunity to share cyber security fundamentals with a wide range of partners and participate in broader conversations about how digital technologies can support governments and businesses to achieve their objectives.

Holding a Mirror to Medusa: A New and Voracious Threat Actor

This Intelligence Update provides situational awareness of cyber attacks attributed to a new and prolific cyber extortion group, calling itself Medusa Team.

Making tracks with the ACSC Essential Eight

This blog highlights the importance of continual effort in ensuring robust and timely deployment of Essential Eight controls across organisations within the Commonwealth.

Leaking data from DNSSEC

This technical blog discusses how the NSEC and NSEC3 DNSSEC records can be abused by attackers to identify valid DNS entries.

Patch Now to Avoid a Cyber Crisis this Holiday Season

Cyber risk can rise over the holiday season, especially for organisations that don’t use December to adequately prepare.

Zero days in common identity manager system

CyberCX discovered three distinct vulnerabilities in Symantec Identity Manager 14.3 during a penetration test. This blog outlines how we found them and the complexities of exploiting them in our customer’s environment.

Telecommunications M&A in an Evolving Cyber Environment

Insights into cyber risks associated with M&A in the Australian telecommunications sector.

October Budget: A modest cyber spend, but plenty to hope for next year

The Albanese government’s first Budget delivered on most of the government’s election commitments – from childcare and aged care through to housing.

When it came to cyber security, the spending was modest, which will raise expectations for major cyber reforms in the lead up to the government’s next budget in May.

Location, location, location: Keeping track of risk with Microsoft Authenticator

One of the common security controls our customers implement to keep themselves safe and secure is region-specific conditional access policies.

Six Actions to Improve Your Organisation's Cyber Resilience Following the Optus Breach

Australia’s cyber threat landscape has never been more contested or unstable.

In response to client concerns following the Optus breach, CyberCX has prepared this baseline checklist of six actions that every organisation should take to address the key issues arising from that incident as we understand them. 

Security advice for individuals following Optus data breach

Threat actors target Australians through mobile phones to access information and gain access to other systems, including victims’ organisations.

CyberCX Intelligence is providing the following advice for avoiding phone-based attacks based on known threat actor capabilities and behaviours:

Threat Advisory Update
Russian travel sanctions increase to target 387 Australians: Impacts for Australian organisations’ cyber risk

On 21 July, the Ministry announced sanctions against a further 39 Australians operating in border protection, law enforcement and immigration organisations, predominantly in the public service.

CyberCX Intelligence assesses this development materially increases cyber risk in the immediate to medium term for the sanctioned individuals and organisations directly connected to them.

Threat Advisory
Lessons Learned: Phishing and Impersonation Campaign Targeted Australian Organisations Through Abuse of e-Learning Provider

CyberCX proactively notified affected organisations and advised the e-learning provider of the persistent abuse of its services. 

CyberCX Intelligence has been unable to link this phishing campaign to a specific actor or financial motive, but assesses it is likely an at least moderately-resourced threat actor with sustained intent to target Australian organisations.

Threat Advisory
Russian travel sanctions against an additional 120 Australians: Impacts for Australian organisations’ cyber risk

On 16 June, the Russian Foreign Ministry announced sanctions against 120 Australians operating across the defence, government, mining, technology, think tank, higher education, entertainment and media sectors.

CyberCX Intelligence assesses this development materially increases cyber risk in the immediate to medium term for the sanctioned individuals and organisations directly connected to them.

Intelligence Update
Solomon-Islands-China Security Agreement: Implication for regional cyber risk

There is increasing diplomatic tension and instability in the Pacific, a development likely to also increase cyber risk for all organisations in Australia and New Zealand.

The Solomon Islands-China Security Cooperation Agreement (the Security Agreement) and associated actions will be key drivers in the Pacific cyber threat landscape.

Intelligence Update
A question of timing: examining the circumstances surrounding the Nauru Police Force hack-and-leak

On 2 May 2022, 285,631 files stolen from the Nauru Police Force, including some relating to alleged human rights abuses in Australia’s offshore processing centres, were leaked.

CyberCX assesses that there are several anomalies that invite scepticism about the motivations of the threat actor and warrant further investigation. 

When Scanning Isn’t Enough: Practical Tips for Log4j Vulnerability Detection

The Log4j critical vulnerability (CVE-2021-44228) is being actively exploited and is a major concern for organisations worldwide.

Squeezing a balloon: How Australia's new ransomware laws will affect businesses

The Australian Government is beginning to legislate its ‘Ransomware Action Plan’ announced last October. But what does the Plan mean for Australian businesses and will it materially improve our country’s cyber threat landscape?

Change and disruption: How the Russia-Ukraine conflict is reshaping cyber crime

Australian and New Zealand organisations face a real chance of ransomware, data theft extortion or DDoS attacks by pro-Russia criminal groups and hacktivists.

CyberCX 2022 Budget Analysis

Cyber and critical technology are big ticket spending items for this federal Budget, as Australia heads into a federal election. In this post we set out the major spending measures, and what they could mean for Australian organisations and our broader threat landscape.

Threat Advisory Update
Russia/Ukraine conflict: Impacts for Australian and New Zealand organisations

CyberCX continues to urge all Australian and New Zealand organisations to adopt a posture of heightened cyber readiness and awareness.

Threat Advisory
Escalating geopolitical tensions between Russia, Ukraine and NATO members: Impacts for Australian and New Zealand organisations

The situation in Ukraine is actively evolving. CyberCX Cyber Intelligence is closely monitoring developments.

To pay or not to pay: In a ransomware attack, this is not always the question

The Australian Cyber Security Centre received nearly 500 reports of ransomware attacks against Australian organisations last financial year. 

Log4j Critical Vulnerability (CVE-2021-44228): Planning for the holidays

The Log4j/Log4Shell incident is continuing to evolve. We have seen both blue teams and red teams changing and improving their techniques to adapt.

Log4j Critical Vulnerability (CVE-2021-44228): Practical Tips to Protect Your Organisation

Over the weekend, the Log4j vulnerability kept security teams across the world at work...

Ten things you should know about ISO/IEC 27001

ISO 27001 is a risk-based compliance framework designed to help organisations effectively manage information security.

Enhancing protection of Australian critical infrastructure

Critical infrastructure law reform remains a major focus for the Australian Government in 2021.

CyberCX 2021 Budget Analysis

After experiencing one of the most challenging years in living memory, Australia has a unique opportunity to emerge from the

LogRhythm Zero Days

As a result of our team’s penetration testing and exploitation activities, we uncovered a series of high-risk vulnerabilities that could be chained together.