AusCERT Web Log: The AusCERT web log is where our staff have the opportunity to informally discuss current activity and interesting developments in the area information security.
Member Newsletters: Complete archive of news letters distributed to AusCERT members
Presentations and Papers:
Malicious Flash Sites Taking Over the Clipboard
- Through the use of a standard flash function attackers are attempting to lead viewers to malicious sites.
Submission to the e-security review
- An interesting insight into where the Bad Guys want to go.
AusCERT Home Users Computer Security Survey
- The AusCERT Home Computer Users Security Survey 2008 was prepared to assess the security posture of home Internet users, their level of security awareness and attitudes to Internet security. The survey aims to raise awareness of home Internet computer security issues.
A lower total cost of 0wn3rship
- What do you do when your website is infecting your customers and your hosting
provider won't take your calls?
All your patch are belong to Oracle.. and Clam.. and Mozilla oh wait and Microsoft..
- This week (yesterday specifically) saw two browsers issue critical security
All your $_SERVER variables are belong to php-syslog-ng-2.9.7.
- A newly added "feature" of php-syslog-ng leaks information back to the author. tsk tsk.
Protecting your computer from malicious code
- This paper provides practical advice for protecting the PC desk top environment from malicious code for home users, SMEs or organisations without dedicated IT staff.
Filtering AusCERT Bulletins
- Small guide on optimising the bulletins.
Practical Computer Security slides
- AusCERT has released a basic Microsoft Powerpoint presentation to assist organisations with providing introductory computer security awareness training to individuals.
Following the rabbit hole
- Ever wondered just how thoroughly compromised an administrator can get with one click?
Storm, Porn and Brawn
AusCERT DDoS Paper
- This paper has been developed by AusCERT to share some of the experiences, and lessons learned from a Distributed Denial of Service attack on the AusCERT web server.
AusCERT submission to the ALRC's Review of the Privacy Act
Drive-by malware on the increase
- We have been predicting an increase in drive-by malware attacks for some time and it seems that in the UK, a noticeable change in this direction has occurred.
A newly registered Australian political party trials online voting in Australia
- A newly registered Australian political party, Senator Online (SOL), is developing a web-based voting system to help inform how elected SOL senators cast their votes in the Senate. If SOL candidates are elected to the Senate, AusCERT assesses that the online voting mechanisms being used are vulnerable to manipulation by attackers within Australia or around the world and hence could be used to manipulate the Australian democratic process.
AusCERT UNIX and Linux Security Checklist
- This document is designed to assist system administrators in organisations of all sizes by providing a concise guide to running UNIX and Linux systems securely.
Review of the .au domain name policy framework - submission to auDA
- How the domain name space is administered affects the ability of attackers to launch attacks against Internet users. AusCERT recommends policies and procedures be adopted by registrars to minimise the misue of the domain name registration and deregistration process to facilitate various forms of cybercrime.
Electronic Funds Transfer (EFT) Code of Conduct Review
- ASIC is reviewing the terms of the EFT Code of Conduct. AusCERT has made a submission about some aspects of the code and proposals raised in ASIC's discussion paper on the EFT Code of Conduct Review.
Haxdoor - Anatomy of an ID Theft Attack Using Malware
- This paper presents a case study about a series of related online ID theft trojan attacks that used Haxdoor variants and which targeted Australian and other Internet users. The paper describes the attack methodology and provides insight into the impact this type of attack can have on individuals, organisations and economies.
AusCERT submission to the Review of the structure and operation of the .au Internet domain 2006
- How the domain name space is administered affects the ability of attackers to launch attacks against Internet users. Therefore, AusCERT recommends that policies and procedures be adopted to minimise the misue of the domain name registration and deregistration process to facilitate various forms of cybercrime.
Tor anonymisation: a network defender's primer
- Tor (The Onion Router) is an Internet privacy application that is in its infancy, but is already changing the playing field on which network defenders must compete. This guide looks at what Tor is, how it works, and what it means for you as a network defender.
AusCERT Submission to the e-Security National Agenda Review
- As noted in the Review of the E-Security National Agenda Discussion Paper, the Internet threat landscape has changed fundamentally since 2001 when the e-Security National Agenda framework was first released.
Based on this fundamental change, this review provides an opportunity for the Australian government to consider implementing a range of practical strategies that will help reduce the level of Internet based attacks emanating from or targeting Australian networks, particularly those motivated by illicit financial gain.
2006 Australian Computer Crime and Security Survey
- The survey provides the most up to date and authoritative analysis of computer network attack and computer misuse trends in Australia for 2006. The survey aims to raise awareness of the complex nature of computer security issues, identify areas of concern and, where appropriate, to motivate organisations to take a more active role in protecting their systems.
AusCERT Submission to the Review of the Spam Act 2003
- The Australian Communication and Media Authority invited submissions from the public concerning the Spam Act 2003. AusCERT's submission to this review is here.
Case study: Anatomy of a web defacement
- The case study contains an in-depth analysis of a corporate web site defacement, with details on how the attack was performed and what system administrators can do to avoid similar incidents.
Case study: personalised phishing site
- A phishing attack has been seen recently in the wild where the attacker strengthened the credibility of their fraudulent site by including legitimate, previously obtained user details, such as home addresses and card numbers.
E-government phishing attack was aided by poor coding on legitimate government web site
Managing Risk Associated with Online ID Theft for Government and Providers of e-Government Services
Trends and Developments in Online ID Theft - Update, No. 2
Implications of Trends and Developments in Online ID Theft, No. 1
Update on Kezaam SecuryTeam Spam and Associated Trojan Incident
- This paper provides an overview of a recent "Kezaam SecuryTeam" incident which involved a wide spam run in Australia and elsewhere that attempted to induce recipients to click on a link to a web site for the purposes of installing malicious software.
Windows Rootkit Prevention and Detection
- This document is intended to introduce Windows system administrators to the concepts necessary to understand the threat posed by rootkits on the Windows platform.
The document also outlines tools and techniques that system administrators, and those responsible for incident response can use to detect and respond to rootkits on the Windows platform.
Risk of Compromise for Organisations using SSL
- Specialised software being used by some marketing companies poses a serious threat to the confidentiality and integrity of sensitive data organisations seek to protect through their secure socket layer (SSL) enabled web connections. This paper provides information about this threat, its potential impact on organisations wishing to protect access to confidential web data using SSL and explains what can be done to mitigate the risk. In particular we examine the potential for an SSL man-in-the-middle technique to be used to facilitate online banking fraud compared to other methods of online identity theft.
2005 Australian Computer Crime and Security Survey
- AusCERT members are encouraged to participate in the 2005 Australian Computer Crime and Security Survey, which is produced by the AHTCC, the AFP, all state police forces and AusCERT. The secure survey web-based questionnaire will be available until Monday, 7 March 2005.
Previous 1, 2, 3, 4 Next
denotes AusCERT member only content.