Oceania

Apple users advised to install latest iPhone and iPad iOS update

March 30, 2021 – Apple users are being urged to install the latest iOS software which fixes a security issue in both iPhones and iPad.

The tech giant released both iOS 14.4.2 and iPadOS 14.4.2 on Friday which, according to its security support website, relates to Webkit – the web browser engine used by Safari, Mail, App Store and dozens of other iOS apps. Source: 7news

WA Parliament hit by ‘suspected Chinese cyber attack’ during the election

March 17, 2021 – China is suspected of a cyber attack that hit West Australian Parliament in the midst of the state election.

The Parliament of Western Australia provided a statement to 7NEWS, confirming there was a ‘high probability’ the attack originated from the Asian state. Source: 7news

January 28, 2021 — Australia’s privacy watchdog has taken aim at a growing number of organisations that it says take too long to assess data breaches or that downplay the significance in customer notifications.

The Office of the Australian Information Commissioner (OAIC) issued multiple warnings in its latest report [pdf] on notifiable data breaches (NDB). Source: itnews

January 25, 2021 — Australia’s securities regulator has suffered a cyber security breach on a server it used to transfer files including credit licence applications where some information may have been viewed.

The Australian Securities and Investment Commission (ASIC) said it became aware of the incident on January 15 although it does not appear the credit licence forms or attachments were downloaded. Source: yahoo! news

January 24, 2021 — Australian Federal Police (AFP) investigators have raided several properties in Brisbane and the Gold Coast in relation to the shutdown of the world’s largest illegal dark web marketplace, DarkMarket.

The site was shut down after a 34-year-old Queensland man was arrested by German police last week near the German border with Denmark. Source: ABC

January 10, 2021 — On Sunday, New Zealand’s central bank reported that it was responding with urgency to a “malicious” breach of one of its data systems.

The Reserve Bank of New Zealand (RBNZ) announced that a third-party file-sharing service used by the bank to share and store some sensitive information was illegally accessed.

RBNZ Governor Adrian Orr said the breach had been contained and the bank’s main functions “remain sound and operational.” Source: DW

January 1st, 2021 — Think before you link to unknown people or profiles, and pause before you post professional and personal information online. It may be used by foreign spies or others to identify and then target you.

If a stranger reaches out online, ask yourself if you really know who you are talking to. The friendly, generous young person claiming to be a global head-hunter or think tank researcher might be trying to win your trust and steal your secrets. Source: ESPC

Sydney: December 16, 2020 — An Australian regulator sued Facebook Inc on Wednesday accusing it of collecting user data without permission, building on government efforts around the world to rein in the social network.
The Australian Competition and Consumer Commission (ACCC) said it was seeking an unspecified fine from Facebook for promoting a virtual private network as a way for people to protect their data, while secretly using the information to pick targets for commercial acquisitions. Source: Reuters/Astro Awani

December 11, 2020 — The rise of COVID-19 around the world has caused businesses to accelerate their digitisation to succeed in the new reality in which they find themselves. Unfortunately, the cyberthreat landscape has adjusted just as quickly, forcing businesses to manage an increased range of potential breach points.

The coronavirus lockdown has forced an abrupt transition to a work-from-home arrangement for many businesses. The speed of this shift has, in some cases, meant that security measures and requirements have been bypassed to ensure short term continuity. Source: Dynamic Business

December 10, 2020 — Legislation that will give Australia’s cyber spooks the power to defend networks and systems of critical infrastructure against cyber attacks – much to the alarm of global tech companies – has been introduced to parliament.

The Security Legislation Amendment (Critical Infrastructure) Bill 2020 was introduced by Home Affairs Minister Peter Dutton on Thursday, just a month after the release of the exposure draft. Source: ITNews

Canberra: December 8, 2020 – A 26-year-old Canberra woman has been accused of attempted murder for allegedly arranging a contract for the killing of her own parents over the dark web.

Police claim they were tipped off by an international journalist in the United Kingdom in October this year.
The journalist told them a person had allegedly made an online payment and shared details about how to target the two alleged victims. Source: 9news

December 1, 2020 — New privacy laws will come into force across New Zealand tomorrow (December 1) as authorities tighten rules regarding data protection.

The Privacy Act 2020 will mandate that organizations must report “serious” data breaches immediately if there is a “risk of harm”.

The term “risk of harm” isn’t specifically defined in the Act (non-HTTPS link), however it is assumed to refer to any data that has been leaked outside of an organization or public body. Source: The Daily Swig

November 23, 2020 — A Sydney hedge fund has collapsed after a cyber attack triggered by a fake Zoom invitation saw its trustee and administrator mistakenly approve $8.7 million in fraudulent invoices.

The scam, the latest in a series of strikes by offshore criminal gangs against Australian fund managers, has also ensnared ANZ after the bank failed to stop almost $800,000 being withdrawn from an account linked to the cyber criminals. Source: Financial Review 

November 22, 2020 — Thousands of New Zealanders may have been caught up in a massive online data breach connected to Nitro PDF software.

The email addresses and hashed passwords of about 2.6 million users of Australian Nitro PDF software were published online.

New Zealand cyber security watchdog Cert said on Saturday it had contacted thousands of New Zealanders to warn them their online security may have been jeopardised by the massive online data breach. Source: RNZ

November 13, 2020 — The Australian government has issued a security alert today urging local health sector organizations to check their cyber-security defenses, and especially their controls for detecting and stopping ransomware attacks.

The Australian Cyber Security Center said it “observed increased targeting activity against the Australian Health sector by actors using the SDBBot Remote Access Tool (RAT).” Source: ZDNet

November 8, 2020 — The federal government recently closed consultation on a package of reforms focused on protecting critical infrastructure and systems of national significance.

With that part of the process wrapped up, the government is now looking to introduce an enhanced regulatory framework, which would build on existing requirements under the Security of Critical Infrastructure Act 2018. This includes: A positive security obligation (PSO) for critical infrastructure entities, supported by sector-specific requirements; enhanced cybersecurity obligations for those entities most important to the nation; and government assistance to entities in response to significant cyber attacks on Australian systems. Source: ZDNet

October 30, 2020 — The federal government has kicked off its review of the Privacy Act, which will consider whether Australians should have the right to have their personal information erased like in the European Union, among other reforms. Source: IT News

October 27, 2020 — Media monitoring provider Isentia has suffered a “cyber security incident” that is affecting its flagship intelligence and insights service.

The company said in a financial filing on Tuesday that it is “urgently investigating” the incident, which is “disrupting services within its SaaS platform Mediaportal”. Source: ITNews

October 19, 2020 — UNSW Canberra has partnered with Telstra to co-develop two cyber security micro-credentials covering security fundamentals and secure coding.

Although the initial intake of students will comprise 100 Telstra employees, the online courses will eventually be open to people in all types of roles, Telstra’s Asia Pacific chief information security officer Narelle Devine said. Source: IT News

New Zealand: October 19, 2020 — “The Kiwi ‘she’ll be right’ attitude won’t cut the mustard anymore when it comes to cyber security,” says CERT NZ Director Rob Pope.

“CERT NZ’s incident data, and information provided by our global partners tells us that cyber attacks have become more sophisticated, persistent and harder to detect than ever before. Source: CERTNZ

October 12, 2020 — While the federal government has been lauded to a certain extent for its 2020 Cyber Security Strategy, including the $1.35 billion Cyber Enhanced Situational Awareness and Response package, it has missed the chance to take a lead in introducing a stronger regulatory framework for cyber security suggest some industry leaders. Source: Financial Review

Article by Wontok head of technology Mick Esber.

October 2, 2020 — All organisations are vulnerable to cybercrime, but SMEs typically have far fewer resources to protect themselves. That’s why Australia’s Cybersecurity Strategy 2020, which includes assistance to small and medium enterprises (SMEs) to grow and increase their cybersecurity awareness and capabilities, is welcome. Source: Security Brief

Australia: September 30, 2020 — Innovation and ICT Minister Dave Kelly yesterday announced $1.8 million of funding in the upcoming State Budget for the establishment of the State Government’s new Cyber Security Operations Centre.

The new whole-of-government Cyber Security Operations Centre will significantly improve visibility of the cyber threats against agencies’ networks and the Government’s capability to detect and respond to cyber security incidents. Source: ESPC

Sydney, Australia: September 24, 2020 — Two men have been arrested for their alleged involvement in an Australian-based fraud syndicate working to steal identities and money from thousands of Australians through a sophisticated SMS phishing scheme. Source: ESPC

Australia: September 1, 2020 — For a second year running, AustCyber has partnered with the Australian Federal Police’s (AFP) National Missing Persons Coordination Centre, and Canadian-based not-for-profit Trace Labs, to convene a missing persons capture the flag event during Australian Cyber Week.

Through its podcast series ‘OzCyber Unlocked’, AustCyber announced the National Missing Persons Hackathon 2020 will be held as an online event on Thursday, 29 October 2020. Source: AustCyber

New Zealand: August, 26, 2020 – The attack shut down trading from about 11.20am. The NZX announced this afternoon it would reopen for trading at 3pm.

The NZX was attacked yesterday afternoon, cutting trading short by an hour.

It opened this morning and traded for about an hour before coming to a halt.

A spokesperson said it appeared it was being affected in a similar way to yesterday’s overseas distributed denial of service attack. Source: RNZ

Australia: July 20, 2020 – A massive data breach has exposed thousands of Western Australians’ sensitive medical records and leaked them online.

The state’s confidential coronavirus management system stores thousands of medical alerts, notifications and requests, including doctor and patient names, their addresses, phone numbers and health concerns. Source: 9NEWS
Australia: July 15, 2020 – Australia is one of the world’s most hacked countries, according to recently released data.
The data was compiled by the Centre for Strategic and International Studies and shows Australia coming in at equal sixth place, with 16 major cyber attacks in the period between May 2006 and June 2020. Source: 9NEWS
 

New Zealand: July 15, 2020 – New Zealand Police are investigating the possible hacking of a research company, and the potential compromise of information sent to the company by Police for the purposes of service quality research. Source: ESPC Editor

Australia: July 3, 2020 – The Australian Federal Police has charged a 32-year-old Blacktown man over a spam email campaign related to the upcoming Eden-Monaro by election. Source: AFP

New Zealand: June 27, 2020 – State-based cyber attacks are not new, and people who do not take their cyber risks seriously could get an “awful surprise”, says former Prime Minister Sir John Key.

Key spoke at the launch of tech industry hub Umbrellar Connect on Friday.

Key is on the board of cybersecurity firm Palo Alto. Source: Stuff Limited

April, 2020 – “The Oceania region is at a crossroads, with physical security challenges headlined by a changing climate providing an existential threat to many of the Pacific Island nations that call the region home. Furthermore, the region has become a geopolitical battleground with major actors including Australia, China, the European Union, New Zealand, and the US all working to gain influence. During the Pacific Islands Forum in late 2018, Pacific Island leaders outlined their security concerns through the Boe Declaration – a pronouncement that looked to establish an expanded concept of security. Source: Communications of the ACM