Alerts

Scam Watch Australia

Scam alert: Bulk email extortion scam
2024-10-23 | Published 24 Oct 2024
Summary: Criminals are emailing people claiming they have hacked into their computers or webcams and have access to compromising images and videos of them. These criminals threaten victims saying they will release the images and videos unless they are paid.

Scam alert: Scammers are targeting Australians in hardship
2024-10-22 | Published 22 Oct 2024
Summary: Criminals are impersonating charities and offering fake financial assistance schemes to target people experiencing financial hardship.

Scam alert: Scammers impersonating banks in text messages, phone calls and emails
2024-10-17 | Published 18 Oct 2024
Summary: Criminals are calling, emailing or messaging people and pretending to be from their bank so that they can steal your money.

Scams Awareness Week 2024: Share a story, stop a scam
2024-08-23 | Published 23 Aug 2024
Summary: This Scams Awareness Week (26 to 30 August) the National Anti-Scam Centre is encouraging Australians to speak up, share their experiences with others and to report scams to Scamwatch.

Consumers and businesses warned of potential scams following CrowdStrike outage
2024-07-20 | Published 20 Jul 2024
Summary: The National Anti-Scam Centre is warning consumers and small businesses to be wary of unsolicited calls, emails or messages requesting they download a software patch or provide remote access to fix or protect their computer from the CrowdStrike/Microsoft outage.

Scam alert: NASC impersonation scammers
2024-06-21 | Published 21 Jun 2024
Summary: Criminals pretending they're from the National Anti-Scam Centre are calling people, saying your phone number is involved in a scam in China.

Scam alert: Hang up on remote access scammers
2024-05-27 | Published 28 May 2024
Summary: Criminals who contact you unexpectedly offering to help 'fix problems' with your account, phone or computer are causing increasing financial loss through remote access scams.

National Anti-Scam Centre reports on third quarter and first fusion cell
2024-05-21 | Published 21 May 2024
Summary: The National Anti-Scam Centre releases its third quarterly update and reports on its first fusion cell.

Scam alert: Fake business invoice scams
2024-04-04 | Published 4 Apr 2024
Summary: Scammers pretending to be real businesses are sending fake invoices to customers, with scam bank account details. These may seem to come from a business you expect an invoice from - but scammers have stolen their identity to steal your money.

National Anti-Scam Centre releases second quarterly update
2024-03-11 | Published 12 Mar 2024
Summary: The National Anti-Scam Centre has released its second quarterly update (October – December 2023).

Smart Traveller Australia

Bulgaria
2024-11-21
We continue to advise exercise normal safety precautions in Bulgaria.
Smartraveller

Angola
2024-11-21
We continue to advise exercise a high degree of caution in Angola. You don't need a visa to visit Angola as a tourist. For all other travel, apply for a visa online with Angola's Serviço de Migração (see 'Travel').
Smartraveller

Montenegro
2024-11-20
We continue to advise exercise normal safety precautions in Montenegro. You can stay for up to 90 days in a 6-month period without a tourist visa from the date of entry to Montenegro.
Smartraveller

Protests overseas around 7 October
2024-11-20
Demonstrations and unrest linked to the situation in the Middle East may occur in countries worldwide.
Smartraveller

Partying safely
2024-11-20
Australians of all kinds enjoy partying and celebrating. Know what you can do to reduce your risk of things going wrong.
Smartraveller

Portugal
2024-11-01
We've reviewed the travel advice for Portugal and continue to advise exercise normal safety precautions.
Smartraveller

Syria
2024-10-30
We've reviewed our advice for Syria and continue to advise do not travel. The ongoing conflict in Lebanon and the Occupied Palestinian Territories could lead to increased tensions in other locations in the Middle East. There is an increased threat of attacks against Israeli interests across the region. Demonstrations and protest activity may also occur, […]
Smartraveller

United Arab Emirates
2024-10-25
We've reviewed our travel advice and continue to advise exercise a high degree of caution in the United Arab Emirates. The ongoing conflict in Lebanon and the Occupied Palestinian Territories could lead to increased tensions in other locations in the Middle East. There's an increased threat of attacks against Israeli interests across the region. The […]
Smartraveller

Yemen
2024-09-29
The ongoing conflict in Lebanon and the Occupied Palestinian Territories could lead to increased tensions in other locations in the Middle East. There is an increased threat of attacks against Israeli interests across the region. Demonstrations and protest activity may also occur, and localised security situations could deteriorate with little notice. Avoid all demonstrations and […]
Smartraveller

Morocco
2024-04-11
There's currently an increased risk of demonstrations and protests occurring around the country. Avoid protests and demonstrations. Follow the advice of local authorities and check media for updates. Reconstruction work is still continuing following the earthquake in September 2023. Avoid travelling to impacted areas.
Smartraveller

The Hacker News

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
2024-11-20
Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim's funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic. "Criminals can […]

NHIs Are the Future of Cybersecurity: Meet NHIDR
2024-11-20
The frequency and sophistication of modern cyberattacks are surging, making it increasingly challenging for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can swiftly exploit it to move laterally across systems, identifying vulnerabilities and compromising additional NHIs in minutes. While organizations often take

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
2024-11-20
Multiple decade-old security vulnerabilities have been disclosed in the needrestart package installed by default in Ubuntu Server (since version 21.04) that could allow a local attacker to gain root privileges without requiring user interaction. The Qualys Threat Research Unit (TRU), which identified and reported the flaws early last month, said they are trivial to exploit, […]

Microsoft Launches Windows Resiliency Initiative to Boost Security and System Integrity
2024-11-20
Microsoft has announced a new Windows Resiliency Initiative as a way to improve security and reliability, as well as ensure that system integrity is not compromised. The idea, the tech giant said, is to avoid incidents like that of CrowdStrike's earlier this July, enable more apps and users to be run without admin privileges, add […]

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
2024-11-20
A new China-linked cyber espionage group has been attributed as behind a series of targeted cyber attacks targeting telecommunications entities in South Asia and Africa since at least 2020 with the goal of enabling intelligence collection. Cybersecurity company CrowdStrike is tracking the adversary under the name Liminal Panda, describing it as possessing deep knowledge about […]

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
2024-11-20
Apple has released security updates for iOS, iPadOS, macOS, visionOS, and its Safari web browser to address two zero-day flaws that have come under active exploitation in the wild. The flaws are listed below - CVE-2024-44308 (CVSS score: 8.8) - A vulnerability in JavaScriptCore that could lead to arbitrary code execution when processing malicious web content […]

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
2024-11-20
Oracle is warning that a high-severity security flaw impacting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), could be exploited sans authentication to leak sensitive information. "This vulnerability is remotely exploitable without authentication, i.e., it may be exploited over a network

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
2024-11-19
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. "At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers […]

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts
2024-11-19
Malicious actors are exploiting misconfigured JupyterLab and Jupyter Notebooks to conduct stream ripping and enable sports piracy using live streaming capture tools. The attacks involve the hijack of unauthenticated Jupyter Notebooks to establish initial access, and perform a series of actions designed to facilitate illegal live streaming of sports events, Aqua said in a report […]

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
2024-11-19
Privileged accounts are well-known gateways for potential security threats. However, many organizations focus solely on managing privileged access—rather than securing the accounts and users entrusted with it. This emphasis is perhaps due to the persistent challenges of Privileged Access Management (PAM) deployments. Yet, as the threat landscape evolves, so must organizational priorities. To

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems
2024-11-19
Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. "Helldown deploys Windows ransomware derived from the LockBit 3.0 code," Sekoia said in a report shared with The Hacker News. "Given the recent development of ransomware targeting ESX, […]

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
2024-11-19
U.S. telecoms giant T-Mobile has confirmed that it was also among the companies that were targeted by Chinese threat actors to gain access to valuable information. The adversaries, tracked as Salt Typhoon, breached the company as part of a "monthslong campaign" designed to harvest cellphone communications of "high-value intelligence targets." It's not clear what information […]

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
2024-11-19
Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score: 10.0), a maximum-severity security vulnerability in Progress Kemp LoadMaster to its Known Exploited Vulnerabilities (KEV) catalog. It was

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
2024-11-18
Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms, that is designed to bypass antivirus and sandbox environments to deliver stealers into memory," Intezer security

The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think
2024-11-18
According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credentials in public GitHub repositories alone. One of the more troubling aspects […]

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17)
2024-11-18
What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. Attackers are getting smarter, faster, and more creative—using everything from human trust […]

Beyond Compliance: The Advantage of Year-Round Network Pen Testing
2024-11-18
IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the most common frequency being twice a year (29%), followed by three to four […]

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy
2024-11-18
Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services for Android. The idea is to […]

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
2024-11-18
A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online shopping activity in November, the peak season for Black Friday discounts. The threat […]

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit
2024-11-18
Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so. They also show that NSO Group repeatedly found ways to […]