Tag Archive for: australian

Australian black box website security checker unveiled | Information Age


Most scanners do not perform a thorough job. Photo: Shutterstock

Most websites are vulnerable to attack, whether it’s opportunistic or intentional hacking, and the return on investment for cyber criminals can be substantial.

While website security scanning offers a line of protection, it’s not infallible.

To improve screening, a team of Australian and international researchers has just developed a new scanning tool to make sites less vulnerable to cyberattacks.

The black box security assessment prototype, tested by engineers in Australia, Pakistan and the UAE, was found to be more effective than existing web scanners.

UniSA mechanical and systems engineer Dr Yousef Amer, a member of the research team, said the researchers have been able to highlight numerous security vulnerabilities in website applications using the prototype.

Against a backdrop of escalating and more severe cyberattacks, and despite a projected $170 billion global outlay on internet security in 2022 according to Varonis, existing web scanners are falling way short when it comes to assessing vulnerabilities, noted Amer.

“We have identified that most of the publicly available scanners have weaknesses and are not doing the job they should,” said Amer.

These existing tools have lower precision, accuracy and recall when it comes to identifying web application vulnerabilities.

In addition, there are some vulnerabilities that most tools are unable to detect.

Dr Amer explained that the black box prototype has better crawler coverage because it uses the high-performing Arachni crawler.

“This enables us to find all possible web pages associated with the main website,” he told Information Age.

Serious vulnerabilities need to be identified

The researchers compared 11 publicly available web application scanners against the top 10 vulnerabilities in web applications and APIs identified by the Open Web Application Security Project (OWASP).

“We found that no single scanner is capable of countering all these vulnerabilities, but our prototype tool caters for all these challenges.

“It’s basically a one-stop guide to ensure 100 per cent website security,” he said.

The vulnerabilities included broken access control that…

Source…

Australian man alleges all of his iOS and macOS devices have been persistently hacked





An Australian man claims to be the victim of an incredibly wide and persistent hack of all of his Apple devices — but his claims that a dating app did it don’t quite add up.

Towards the tail-end of 2019, Simon Edwards noticed that legitimate websites began being populated by pop-up ads. He also encountered trouble sending emails even if the email service had confirmed a successful delivery, and his screens would “constantly jump and shake.”

He began receiving dozens of scam calls a week. Then, he noticed that app icons on his phone would gray out and become unusable. Soon after, he resorted to factory resetting his iPhone “every two hours”.

His smart TV, car, and security cameras were connected to the iPhone via Bluetooth. He noticed that apps were disappearing, and the security cameras would occasionally come up with gaps in their feeds. He also noticed that a “Pegasus spyware warning” would show up whenever he sent an email. Screen Mirroring had also been turned on inexplicably, streaming the live displays of his iPhone and laptop to “an unknown person.”

At the same time, he began to lose his social media accounts to hackers, he told News.com.au. After hackers racked up debt in his name, he had to cancel his credit card. His bank had to recover around $8000 in fraudulent spending on his credit card, Afterpay, and Uber accounts. $1500 was spent through his Apple ID account. A fraudulent tax agent added themselves to his ATO tax account, changing years of his tax lodgings, and tried to intercept a $10,000 tax return.

He began to wonder how the cyberattacks had been occurring. He first believed that one of his work computers was infected and had spread the malicious code to the rest of his devices. His employer has emphatically denied this claim and has also hired an independent third-party IT contractor, who found no signs of any cyber breach on any of the firm’s work devices.

Edwards took his iPhone and laptop…

Source…

Chinese spy ship collected sensitive electronic data off Australian coast


A Chinese spy ship spent three weeks off the coast of Australia in August and September collecting sensitive electronic data coming from some of the nation’s most important military facilities according to a report in The Daily Telegraph.

The Daily Telegraph’s Federal Political Editor, James Morrow, said what was really interesting was that the ship came down when no military exercises were being run.

“This ship is equipped with incredibly sensitive technology, antennas, all sorts of equipment for basically scooping up electronic communications, figuring out what’s going on,” he said on 6PR Breakfast.

“You can only think that this was coming down to probe the electronic side of our civilian and military capability … so that in a future conflict they would have an advantage over us, in both the interception of intelligence but also cyber warfare and being able to take our systems offline.”


Source…

Australian govt warns of escalating LockBit ransomware attacks



The Australian Cyber Security Centre (ACSC) warns of an increase in LockBit 2.0 ransomware attacks against Australian organizations, starting in July 2021.

“ACSC has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia,” Australia’s cybersecurity agency said in a security alert issued on Thursday.

According to the agency, LockBit victims also report threats of having data stolen during the attacks leaked online, a known and popular tactic among ransomware gangs to coerce their targets into paying the ransoms.

Increasing number of attacks since July

“The majority of victims known to the ACSC have been reported after July 2021, indicating a sharp and significant increase in domestic victims in comparison to other tracked ransomware variants,” the ACSC added.

“The ACSC has observed LockBit affiliates successfully deploying ransomware on corporate systems in a variety of sectors including professional services, construction, manufacturing, retail and food.”

The agency also published a ransomware profile with additional information on the LockBit group, including initial access indicators, targeted sectors, and mitigation measures.

It added that these threat actors are opportunistic and could target organizations from any industry sector. Therefore, an organization’s absence from the list of sectors already targeted does not mean LockBit will not switch to other industries.

The ACSC provides mitigations focused on LockBit TTPs (Tactics, Techniques, and Procedures), which include:

  • enabling multifactor authentication (MFA) on all accounts to block the use of stolen credentials
  • encrypting sensitive data at rest to block exfiltration of sensitive information
  • segmenting corporate networks and restricting admin privileges to block lateral movement and privilege escalation attempts
  • maintaining daily backups to reduce a successful attack’s impact
  • patching internet-facing Fortinet devices against CVE-2018-13379, a security bug heavily exploited by LockBit to breach networks

Organizations affected by these escalating ransomware attacks or who need assistance are advised to reach out using ACSC’s 1300 CYBER1 hotline.

From LockBit to…

Source…