Australia’s Cyber Security Centre explains the techniques used by hackers

2020-6-30 16:12

Australian Cyber Security Centre warns citizens of ‘crypto-jacking’ malware

The Australian Cyber Security Centre released an advisory last week explaining the tactics, techniques and procedures (TTP) identified during the Centre’s investigation of a cyber campaign against Australian networks.

It stated that the government recognised the coordinated cyber- targeting against Australian institutions and was currently working towards a response to the same. The 48-page-long report outlined the various vulnerabilities being exploited by the “group of state actors” and cautioned the Australian public about crypto-jacking malware attacks.

“The Australian Government is currently aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor,” the report stated.

Four major vulnerabilities were highlighted in the report — the use of remote code execution vulnerability in unpatched versions of Telerik UI, a vulnerability in Microsoft Internet Information Services (IIS), a 2019 SharePoint vulnerability and the 2019 Citrix vulnerability.

Instances of cyber-criminals using spear-phishing techniques have also been recorded.

“Once initial access is achieved, the actor utilised a mixture of open source and custom tools to persist on, and interact with, the victim network. Although tools are placed on the network, the actor migrates to legitimate remote accesses using stolen credentials,” the report explained.

The critical vulnerability in Telerik UI, including CVE-2019-18935, is the same vulnerability that was recently leveraged by the Blue Mockingbird malware gang to infect thousands of systems with XMRRig, a Monero mining software. Although the report’s elaboration on the CVE-2019-18935 vulnerability displays similarities to the modus operandi of the Blue Mockingbird attack, it cannot be considered as an indication that such a gang participated in the organised attacks.

More than 10 Chinese hacker groups with alleged connections to the Chinese Government have PlugX malware, one of the malware identified in the Australian Government’s report, in their arsenal.

Rising diplomatic tensions between the two countries regarding the investigation into the origin of the Coronavirus have led some Australian officials to suggest that China could be behind the targeted cyber-attack.

“We have some of the best agencies in the world … working on this and that means that they are putting all of their efforts into thwarting these attempts,” Australian Prime Minister Scott Morrison recently stated.

The post Australia’s Cyber Security Centre explains the techniques used by hackers appeared first on Coin Journal.

Similar to Notcoin - Blum - Airdrops In 2024

origin »

Cyber Movie Chain (CMCT) íà Currencies.ru

$ 0 (+0.00%)
Îáúåì 24H $0
Èçìåíåèÿ 24h: 0.00 %, 7d: 0.00 %
Cåãîäíÿ L: $0 - H: $0
Êàïèòàëèçàöèÿ $0 Rank 99999
Öåíà â ÷àñ íîâîñòè $ 6.0E-7 (-100%)

security centre cyber hackers australia australian used

security centre → Ðåçóëüòàòîâ: 15


Ôîòî:

Russian cyber spooks piggyback Iranian hackers to spy on 35 countries

Cybercriminals with ties to the Russian government have been found to piggyback on hacking tools developed by Iranian threat groups to mount their own attacks against 35 countries. The findings — based on a joint report by the US National Security Agency and the UK’s National Cyber Security Centre (NCSC) — reveal the focus of the activity was largely in the Middle East, where the targeting interests of both Advanced Persistent Threats (APTs) overlap.

2019-10-22 10:07


PlayChip ICO

The PlayChip is at the centre of an incentivised, blockchain-enabled sports community and gaming ecosystem. Following the migration of the PlayChip to the blockchain, holders of the PlayChip will be able to seamlessly transfer funds between the various sites accepting the token through our revolutionary PlayWallet, through which they will also be able to buy and sell the token directly via our partnered exchange, the PlayXchange.

2018-7-5 23:48