Welcome to the AusCERT web log, where AusCERT will informally discuss current activity and interesting developments in the area of information security, Internet security and computer network attacks.
This is a channel for the timely release of unstructured information which may not be suited to our standard bulletins or other publications. A trade off of providing timely information is that it may be unverified or contain inaccuracies. However, if the accuracy of information changes or new information comes to light about an issue, we will always endeavour to update our web log.
We welcome comments and corrections of any of the information contained in the blog. Please contact firstname.lastname@example.org to provide feedback.
Malware targetting bank ATMs
- New malware capable of forcing ATMs to dispense all its cash.
Audio recording of CBA telephone phishing
- Audio captured from CBA phishing attacks
Phishing attacks by telephone
- Fraudsters are using voice systems for phishing.
- There's been a good three weeks of bank phishes and some important Microsoft updates to be had.
- Google are publishing a list of reply addresses being used in phishing campaigns.
The conference ends but the vulnerabilities continue
- AusCERT2009 a great success
- MS, Apple and Adobe Patches critical flaws.
All quiet on the eastern front....
- A quiet week approaching the AusCERT Conference...
April draws to a close...
- With April finally drawing to a close we've seen a numerous vulnerabilities
announced and patches released to combat them.
- Get your immunity here!
I love SRP!
- Quick blog with a demo of how Software Restriction policy can enhance your security.
- When will we see malware emails using this?
- Patching required for Mozilla; resurgent phishing tricks.
Aggressive Patching and an Aggressive Trojan
- More patching for the Windows and Oracle admins and Waldecs new hook.
More patches for Easter
- A number of vulnerabilities have been corrected in VMware and Cisco products
- Conficker activated but remains quiet.
Taking things outside the Operating System
- We often see malware infecting operating systems and trying to hide itself. What if it isn't inside the operating system?
Conficker kicks off...
- A running log of what AusCERT is seeing as Conficker wakes up
- Two worms are currently in circulation, one which will have unknown consequences come April 1st.
The fox resurfaced
- Don't wait to patch up!
Trojans that know where you live!
- ...well maybe not but it can seem that way for the latest runs of the Waledac trojan.
Patch will eat itself
- Plenty of patches this week, including a small one to correct a previous patch with it's very own vulnerability.
Another day... another browser vulnerability.
- This week has been a notable week for a number of reasons. One of the most common tools that we all use is the web browser, and of course, as a result it is also one of the tools which carries the greatest security risks due to its widespread use and the nature of the tool's use.
The end of February, and still more unpatched vulnerabilities...
- A number of known but unpatched vulnerabilities are still out there this week...
More vuls, but not all patched!
- A number of unpatched vulnerabilities have been discovered this week. The top of the list, a 0-day in Adobe Acrobat Reader.
Small increase in port scanning
- We have seen a small increase in port scanning of some common ports.
February patch rollouts and some tough love.
- Microsoft and Apple release their patches, will the scammers be releasing Valentines mayhem?
New Fox, Bird, Monkey and ...Squid
- Multiple Mozilla updates and AusCERT2009 registration open.
Beware the ides of... February, err... Valentine's Day!
- With Valentine's Day coming up just around the corner, as in previous years, we can all expect an onslaught of Valentine's Day related spam emails to arrive in our e-mail accounts over the course of the next few weeks.
Conficker/Downadup Worm attracts much media attention
- This week has seen a large amount of media attention given towards the spread
of the Conficker/Downadup Worm.
Back into the swing of it
- The first Microsoft and Oracle patch cycles for the year.
Large run of email account phishing
- A large run of email account phishing has been seen over the last week targeting ISP's and Universities
Block list available for the MS08-067 (Downadup/Conflicker) worm
- F-Secure have produced a list of domains used by the MS08-067 (Downadup/Conflicker) worm
Infections and Patches
- A week for Linux updates and some heavy hitting banking malware.
The Year Begins
- A quiet Christmas, A New Year
Previous 1, 2, 3 ... 10, 11, 12, 13, 14, 15 Next
denotes AusCERT member only content.