The Australian Cyber Security Centre (ACSC) has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious cyber actor is carrying out the campaign using open-source code that exploits known remote code execution vulnerabilities and spearphishing attacks.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the tactics, techniques, and procedures and mitigations identified in ASCS Advisory 2020-008 as well as:
- CISA Security Tip: Questions Every CEO Should Ask About Cyber Risks
- CISA Security Tip: Understanding Patches and Software Updates
- CISA Security Tip: Supplementing Passwords
This product is provided subject to this Notification and this Privacy & Use policy.