Strong, vivid language about the cyber threats facing Australia from Clare O'Neil MP. She's spot on. #infosec #auspol theguardian.com/australia-news…

Latitude Financial -- believed to be the largest breach ever in Australia — says its incident was a ransomware attack and that it won’t pay. #infosec #auspol smh.com.au/business/compa…

Australia is facing a cyber security skills shortage that coincides with rising threats. Story by Rhiannon Shine w/ good commentary from @JacksonHHax about ethical hacking and the importance of vulnerability disclosure programs. youtube.com/watch?v=2vPqoe… #infosec #auspol

Busted. #australia

A deep dive investigation into ransomware and other cybercrime affecting Australia by Four Corners. W/ @kmansted, Jon DiMaggio, Clare O'Neil MP, yours truly and more. Diligent work from Jessica Longbottom, John Lyons + @jeanavivem. #infosec #auspol youtube.com/watch?v=4m6Ydx…

Just received notification from Latitude that I'm in the breach. 😬

Here we go. Trying this.

I had a slight feeling of imposter syndrome collecting these a week ago at the Lizzies awards (I left journalism in November). Thanks Influencing AU + sponsors + all the awesome Aussie journos/podcasters/content creators for a great night.

Australia accused a 33-year-old Russian Aleksandr Ermakov of the Medibank data breach and extortion attempt. Intel 471 has compiled a profile of Ermakov and his long-known links to cybercrime. It's a good read. intel471.com/blog/medibanks… #infosec #CTI

NEW: The LockBit ransomware gang threatened to leak documents stolen from Fulton County, GA's court, where Trump and 18 co-defendants stand accused of crimes related to the 2020 election. Then all mention of the leak disappeared. Andy Greenberg (@agreenberg at the other places) reports: wired.com/story/lockbit-…

MediSecure says the health and personal data of 12.9 million people who use its prescription services between March 2019 to Nov. 2023 were affected by the ransomware incident. But the company doesn't have enough money to ID those affected due to the large volume of data. 😬

Here's CrowdStrike's advice if hosts are crashing: 1. Boot Windows into Safe Mode or the Windows Recovery Environment 2. Navigate to the C:\Windows\System32\drivers\CrowdStrike directory 3. Locate the file matching “C-00000291*.sys”, and delete it. 4. Boot the host normally.

No kidding: here's the advice from Microsoft that as many as 15 reboots on a Windows VM may sort the Crowdstrike Falcon buggy update issue: status.cloud.microsoft 🫢

Threat actors have registered a heap of new domains referring to CrowdStrike and the outage. Beware of phishing, etc.

Best fake #infosec related ad in the print edition of The Onion. CC: Troy Hunt

Microsoft has been running massive deception campaigns that flood new phishing sites with bogus credentials for bogus companies on MS tenants. When attackers log in, they deliver a torrent of fresh threat intelligence that can be used to defend: #infosec youtube.com/watch?v=78qnM_…

Just finished Joseph Cox's excellent book Dark Wire, which describes how the FBI set up an encrypted phone device company, Anom, and lured thousands of criminals into using it, gaining visibility on every message they sent. Incredible story, and well reported.