January 28,2021 — Australia’s privacy watchdog has taken aim at a growing number of organisations that it says take too long to assess data breaches or that downplay the significance in customer notifications.
January 24, 2021 — Australian Federal Police (AFP) investigators have raided several properties in Brisbane and the Gold Coast in relation to the shutdown of the world’s largest illegal dark web marketplace, DarkMarket.
The site was shut down after a 34-year-old Queensland man was arrested by German police last week near the German border with Denmark. Source: ABC
January 10, 2021 — On Sunday, New Zealand’s central bank reported that it was responding with urgency to a “malicious” breach of one of its data systems.
The Reserve Bank of New Zealand (RBNZ) announced that a third-party file-sharing service used by the bank to share and store some sensitive information was illegally accessed.
RBNZ Governor Adrian Orr said the breach had been contained and the bank’s main functions “remain sound and operational.” Source: DW
January 1st, 2021 — Think before you link to unknown people or profiles, and pause before you post professional and personal information online. It may be used by foreign spies or others to identify and then target you.
If a stranger reaches out online, ask yourself if you really know who you are talking to. The friendly, generous young person claiming to be a global head-hunter or think tank researcher might be trying to win your trust and steal your secrets. Source: ESPC
December 11, 2020 — The rise of COVID-19 around the world has caused businesses to accelerate their digitisation to succeed in the new reality in which they find themselves. Unfortunately, the cyberthreat landscape has adjusted just as quickly, forcing businesses to manage an increased range of potential breach points.
The coronavirus lockdown has forced an abrupt transition to a work-from-home arrangement for many businesses. The speed of this shift has, in some cases, meant that security measures and requirements have been bypassed to ensure short term continuity. Source: Dynamic Business
December 10, 2020 — Legislation that will give Australia’s cyber spooks the power to defend networks and systems of critical infrastructure against cyber attacks – much to the alarm of global tech companies – has been introduced to parliament.
The Security Legislation Amendment (Critical Infrastructure) Bill 2020 was introduced by Home Affairs Minister Peter Dutton on Thursday, just a month after the release of the exposure draft. Source: ITNews
Canberra: December 8, 2020 – A 26-year-old Canberra woman has been accused of attempted murder for allegedly arranging a contract for the killing of her own parents over the dark web.
December 1, 2020 — New privacy laws will come into force across New Zealand tomorrow (December 1) as authorities tighten rules regarding data protection.
The Privacy Act 2020 will mandate that organizations must report “serious” data breaches immediately if there is a “risk of harm”.
The term “risk of harm” isn’t specifically defined in the Act (non-HTTPS link), however it is assumed to refer to any data that has been leaked outside of an organization or public body. Source: The Daily Swig
November 23, 2020 — A Sydney hedge fund has collapsed after a cyber attack triggered by a fake Zoom invitation saw its trustee and administrator mistakenly approve $8.7 million in fraudulent invoices.
The scam, the latest in a series of strikes by offshore criminal gangs against Australian fund managers, has also ensnared ANZ after the bank failed to stop almost $800,000 being withdrawn from an account linked to the cyber criminals. Source: Financial Review
November 22, 2020 — Thousands of New Zealanders may have been caught up in a massive online data breach connected to Nitro PDF software.
The email addresses and hashed passwords of about 2.6 million users of Australian Nitro PDF software were published online.
New Zealand cyber security watchdog Cert said on Saturday it had contacted thousands of New Zealanders to warn them their online security may have been jeopardised by the massive online data breach. Source: RNZ
November 13, 2020 — The Australian government has issued a security alert today urging local health sector organizations to check their cyber-security defenses, and especially their controls for detecting and stopping ransomware attacks.
The Australian Cyber Security Center said it “observed increased targeting activity against the Australian Health sector by actors using the SDBBot Remote Access Tool (RAT).” Source: ZDNet
November 8, 2020 — The federal government recently closed consultation on a package of reforms focused on protecting critical infrastructure and systems of national significance.
With that part of the process wrapped up, the government is now looking to introduce an enhanced regulatory framework, which would build on existing requirements under the Security of Critical Infrastructure Act 2018. This includes: A positive security obligation (PSO) for critical infrastructure entities, supported by sector-specific requirements; enhanced cybersecurity obligations for those entities most important to the nation; and government assistance to entities in response to significant cyber attacks on Australian systems. Source: ZDNet
October 30, 2020 — The federal government has kicked off its review of the Privacy Act, which will consider whether Australians should have the right to have their personal information erased like in the European Union, among other reforms. Source: IT News
October 27, 2020 — Media monitoring provider Isentia has suffered a “cyber security incident” that is affecting its flagship intelligence and insights service.
The company said in a financial filing on Tuesday that it is “urgently investigating” the incident, which is “disrupting services within its SaaS platform Mediaportal”. Source: ITNews
October 19, 2020 — UNSW Canberra has partnered with Telstra to co-develop two cyber security micro-credentials covering security fundamentals and secure coding.
Although the initial intake of students will comprise 100 Telstra employees, the online courses will eventually be open to people in all types of roles, Telstra’s Asia Pacific chief information security officer Narelle Devine said. Source: IT News
New Zealand: October 19, 2020 — “The Kiwi ‘she’ll be right’ attitude won’t cut the mustard anymore when it comes to cyber security,” says CERT NZ Director Rob Pope.
“CERT NZ’s incident data, and information provided by our global partners tells us that cyber attacks have become more sophisticated, persistent and harder to detect than ever before. Source: CERTNZ
October 12, 2020 — While the federal government has been lauded to a certain extent for its 2020 Cyber Security Strategy, including the $1.35 billion Cyber Enhanced Situational Awareness and Response package, it has missed the chance to take a lead in introducing a stronger regulatory framework for cyber security suggest some industry leaders. Source: Financial Review
Article by Wontok head of technology Mick Esber.
October 2, 2020 — All organisations are vulnerable to cybercrime, but SMEs typically have far fewer resources to protect themselves. That’s why Australia’s Cybersecurity Strategy 2020, which includes assistance to small and medium enterprises (SMEs) to grow and increase their cybersecurity awareness and capabilities, is welcome. Source: Security Brief
Australia: September 30, 2020 — Innovation and ICT Minister Dave Kelly yesterday announced $1.8 million of funding in the upcoming State Budget for the establishment of the State Government’s new Cyber Security Operations Centre.
The new whole-of-government Cyber Security Operations Centre will significantly improve visibility of the cyber threats against agencies’ networks and the Government’s capability to detect and respond to cyber security incidents. Source: ESPC
Sydney, Australia: September 24, 2020 — Two men have been arrested for their alleged involvement in an Australian-based fraud syndicate working to steal identities and money from thousands of Australians through a sophisticated SMS phishing scheme. Source: ESPC
Australia: September 1, 2020 — For a second year running, AustCyber has partnered with the Australian Federal Police’s (AFP) National Missing Persons Coordination Centre, and Canadian-based not-for-profit Trace Labs, to convene a missing persons capture the flag event during Australian Cyber Week.
Through its podcast series ‘OzCyber Unlocked’, AustCyber announced the National Missing Persons Hackathon 2020 will be held as an online event on Thursday, 29 October 2020. Source: AustCyber
New Zealand: August, 26, 2020 – The attack shut down trading from about 11.20am. The NZX announced this afternoon it would reopen for trading at 3pm.
The NZX was attacked yesterday afternoon, cutting trading short by an hour.
It opened this morning and traded for about an hour before coming to a halt.
A spokesperson said it appeared it was being affected in a similar way to yesterday’s overseas distributed denial of service attack. Source: RNZ
New Zealand: July 15, 2020 – New Zealand Police are investigating the possible hacking of a research company, and the potential compromise of information sent to the company by Police for the purposes of service quality research. Source: ESPC Editor
New Zealand: June 27, 2020 – State-based cyber attacks are not new, and people who do not take their cyber risks seriously could get an “awful surprise”, says former Prime Minister Sir John Key.
Key spoke at the launch of tech industry hub Umbrellar Connect on Friday.
Key is on the board of cybersecurity firm Palo Alto. Source: Stuff Limited
April, 2020 – “The Oceania region is at a crossroads, with physical security challenges headlined by a changing climate providing an existential threat to many of the Pacific Island nations that call the region home. Furthermore, the region has become a geopolitical battleground with major actors including Australia, China, the European Union, New Zealand, and the US all working to gain influence. During the Pacific Islands Forum in late 2018, Pacific Island leaders outlined their security concerns through the Boe Declaration – a pronouncement that looked to establish an expanded concept of security. Source: Communications of the ACM