Alerts Scam Watch AustraliaScam alert: Scammers impersonating banks in text messages, phone calls and emails 2024-10-17Published 18 Oct 2024 Summary Criminals are calling, emailing or messaging people and pretending to be from their bank so that they can steal your money.Scams Awareness Week 2024: Share a story, stop a scam 2024-08-23Published 23 Aug 2024 Summary This Scams Awareness Week (26 to 30 August) the National Anti-Scam Centre is encouraging Australians to speak up, share their experiences with others and to report scams to Scamwatch.Consumers and businesses warned of potential scams following CrowdStrike outage 2024-07-20Published 20 Jul 2024 Summary The National Anti-Scam Centre is warning consumers and small businesses to be wary of unsolicited calls, emails or messages requesting they download a software patch or provide remote access to fix or protect their computer from the CrowdStrike/Microsoft outage.Scam alert: NASC impersonation scammers 2024-06-21Published 21 Jun 2024 Summary Criminals pretending they're from the National Anti-Scam Centre are calling people, saying your phone number is involved in a scam in China.Scam alert: Hang up on remote access scammers 2024-05-27Published 28 May 2024 Summary Criminals who contact you unexpectedly offering to help 'fix problems' with your account, phone or computer are causing increasing financial loss through remote access scams.National Anti-Scam Centre reports on third quarter and first fusion cell 2024-05-21Published 21 May 2024 Summary The National Anti-Scam Centre releases its third quarterly update and reports on its first fusion cell.Scam alert: Fake business invoice scams 2024-04-04Published 4 Apr 2024 Summary Scammers pretending to be real businesses are sending fake invoices to customers, with scam bank account details. These may seem to come from a business you expect an invoice from - but scammers have stolen their identity to steal your money.National Anti-Scam Centre releases second quarterly update 2024-03-11Published 12 Mar 2024 Summary The National Anti-Scam Centre has released its second quarterly update (October – December 2023).Scam alert: Fake celebrity online investment scams 2024-03-01Published 1 Mar 2024 Summary Scammers are creating lifelike impersonations (or 'deepfakes') of celebrities and public figures, who appear to be promoting 'quantum' or 'AI' online trading platforms. The people involved have not created these ads, the trading platforms are scams and you lose any money you 'invest'.Scam alert: Online dating and investment scams 2024-02-12Published 12 Feb 2024 Summary Scammers are targeting people looking online for love and friendship to trick them into fake investment and cryptocurrency schemes. Smart Traveller AustraliaPakistan 2024-10-22We continue to advise reconsider your need to travel overall. Higher levels apply. The security situation remains unpredictable. Avoid large groups of people, demonstrations, and protests, as they can turn violent quickly. Authorities may suspend internet and mobile phone networks and close roads and highways at short notice. Transit to and from Islamabad International Airport […] SmartravellerVisas and entry requirements in Europe and the Schengen Area 2024-10-21This page has general information on visa-free travel to European countries. SmartravellerMozambique 2024-10-21We continue to advise exercise a high degree of caution in Mozambique following the national elections held on 9 October. Higher levels apply in some areas. Avoid demonstrations, protests, large public events and gatherings as they can turn violent. Strikes can occur, affecting essential services, roads and transport. We continue to advise do not travel […] SmartravellerSenegal 2024-10-18We continue to advise exercise a high degree of caution in Senegal. Protests in Senegal have turned violent, resulting in several deaths and injuries. Avoid protests and public gatherings, limit unnecessary travel and remain vigilant. Mobile communications may be disrupted without notice. Follow the advice of local authorities and monitor local media for updates. The […] SmartravellerKazakhstan 2024-10-18We've reviewed our advice for Kazakhstan and have lowered the overall travel advice level. We now advise exercise normal safety precautions. Visa-free entry is available for Australians. Entry requirements can change at short notice. Contact the nearest embassy or consulate of Kazakhstan to confirm entry requirements before you travel. Terrorism is a threat across Central Asia including […] SmartravellerHaiti 2024-10-18We continue to advise do not travel to Haiti. The security situation is volatile. Violent crime is common, including murder, armed robbery, kidnapping, assault, sexual assault and carjacking. There's a countrywide State of Emergency in effect in response to gang violence. Air, land and sea borders between Haiti and the Dominican Republic are closed. Airports […] SmartravellerLebanon 2024-10-14We continue to advise Australians not to travel to Lebanon due to the volatile security situation and the risk of the security situation deteriorating further. Australians in Lebanon should leave immediately while commercial flights remain available. You should take the first available flight and not wait for a preferred route. Beirut airport could close, and you may be unable […] SmartravellerEcuador 2024-09-26Forest fires are affecting some regions in Ecuador, including Quito. Monitor local media and follow the advice from the local authorities. There's electricity and water shortages, including planned outages which are affecting the country. Check with your local provider for details. Ecuador is under a state of 'internal armed conflict' due to crime. A separate […] SmartravellerNew Caledonia 2024-09-25We continue to advise reconsider your need to travel to New Caledonia due to ongoing civil unrest and travel disruptions. Political tensions and unrest may increase at short notice. There’s an increased police and security presence. Security incidents, including arson and carjacking continue across the country. Political demonstrations and protests may turn violent at short […] SmartravellerVanuatu 2024-09-02Air Vanuatu has recommenced limited domestic charter services between Port Vila and Santo, and Port Vila and Tanna. Following an incident involving a domestic charter flight, Australian High Commission staff have been advised not to use Air Taxi Vanuatu until further notice. (See ‘Travel’). Smartraveller The Hacker NewsChinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain 2024-10-21The prolific Chinese nation-state actor known as APT41 (aka Brass Typhoon, Earth Baku, Wicked Panda, or Winnti) has been attributed to a sophisticated cyber attack targeting the gambling and gaming industry. "Over a period of at least six months, the attackers stealthily gathered valuable information from the targeted company including, but not limited to, network […] Guide: The Ultimate Pentest Checklist for Full-Stack Security 2024-10-21Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have become essential for ensuring thorough assessments across an organization’s attack surface, both internal and external. By providing a structured approach, these checklists help testers systematically THN Cybersecurity Recap: Top Threats, Tools and News (Oct 14 - Oct 20) 2024-10-21Hi there! Here’s your quick update on the latest in cybersecurity. Hackers are using new tricks to break into systems we thought were secure—like finding hidden doors in locked houses. But the good news? Security experts are fighting back with smarter tools to keep data safe. Some big companies were hit with attacks, while others […] Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers 2024-10-21Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. "The vulnerabilities range in severity: in many cases a malicious server can inject files, tamper with file data, and even gain direct access to plaintext," ETH Zurich researchers Jonas Hofmann and Kien […] Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials 2024-10-20Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal user credentials. Russian cybersecurity company Positive Technologies said it discovered last month an email that was sent to an unspecified governmental organization located in one of the […] North Korean IT Workers in Western Firms Now Demanding Ransom for Stolen Data 2024-10-20North Korean information technology (IT) workers who obtain employment under false identities in Western companies are not only stealing intellectual property, but are also stepping up by demanding ransoms in order to not leak it, marking a new twist to their financially motivated attacks. "In some instances, fraudulent workers demanded ransom payments from their former […] Acronym Overdose – Navigating the Complex Data Security Landscape 2024-10-19In the modern enterprise, data security is often discussed using a complex lexicon of acronyms—DLP, DDR, DSPM, and many others. While these acronyms represent critical frameworks, architectures, and tools for protecting sensitive information, they can also overwhelm those trying to piece together an effective security strategy. This article aims to demystify some of the most […] Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks 2024-10-19A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. "The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk, PsExec, […] The Ultimate DSPM Guide: Webinar on Building a Strong Data Security Posture 2024-10-18Picture your company's data as a vast, complex jigsaw puzzle—scattered across clouds, devices, and networks. Some pieces are hidden, some misplaced, and others might even be missing entirely. Keeping your data secure in today’s fast-evolving landscape can feel like an impossible challenge. But there’s a game-changing solution: Data Security Posture Management (DSPM). Think of it […] U.S. and Allies Warn of Iranian Cyberattacks on Critical Infrastructure in Year-Long Campaign 2024-10-18Cybersecurity and intelligence agencies from Australia, Canada, and the U.S. have warned about a year-long campaign undertaken by Iranian cyber actors to infiltrate critical infrastructure organizations via brute-force attacks. "Since October 2023, Iranian actors have used brute force and password spraying to compromise user accounts and obtain access to organizations in the healthcare and Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign 2024-10-18Threat actors are leveraging fake Google Meet web pages as part of an ongoing malware campaign dubbed ClickFix to deliver infostealers targeting Windows and macOS systems. "This tactic involves displaying fake error messages in web browsers to deceive users into copying and executing a given malicious PowerShell code, finally infecting their systems," French cybersecurity company […] Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser 2024-10-18Microsoft has disclosed details about a now-patched security flaw in Apple's Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user's privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part […] Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant 2024-10-17The Russian threat actor known as RomCom has been linked to a new wave of cyber attacks aimed at Ukrainian government agencies and unknown Polish entities since at least late 2023. The intrusions are characterized by the use of a variant of the RomCom RAT dubbed SingleCamper (aka SnipBot or RomCom 5.0), said Cisco Talos, […] Researchers Uncover Cicada3301 Ransomware Operations and Its Affiliate Program 2024-10-17Cybersecurity researchers have gleaned additional insights into a nascent ransomware-as-a-service (RaaS) called Cicada3301 after successfully gaining access to the group's affiliate panel on the dark web. Singapore-headquartered Group-IB said it contacted the threat actor behind the Cicada3301 persona on the RAMP cybercrime forum via the Tox messaging service after the latter put out an 5 Ways to Reduce SaaS Security Risks 2024-10-17As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, […] SideWinder APT Strikes Middle East and Africa With Stealthy Multi-Stage Attack 2024-10-17An advanced persistent threat (APT) actor with suspected ties to India has sprung forth with a flurry of attacks against high-profile entities and strategic infrastructures in the Middle East and Africa. The activity has been attributed to a group tracked as SideWinder, which is also known as APT-C-17, Baby Elephant, Hardcore Nationalist, Leafperforator, Rattlesnake, Razor […] U.S. Charges Two Sudanese Brothers for Record 35,000 DDoS Attacks 2024-10-17Federal prosecutors in the U.S. have charged two Sudanese brothers with running a distributed denial-of-service (DDoS) botnet for hire that conducted a record 35,000 DDoS attacks in a single year, including those that targeted Microsoft's services in June 2023. The attacks, which were facilitated by Anonymous Sudan's "powerful DDoS tool," singled out critical infrastructure, corporate […] Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk 2024-10-17A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. "A security issue Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity 2024-10-16Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection." EDRSilencer, inspired by the NightHawk FireBlock tool […] FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms 2024-10-16The FIDO Alliance said it's working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications […]