Notes
Notes - notes.io |
Australia Faces another Global Bug
The COVID-19 virus has a grip on every aspect of our lives, and now an additional virus is on the loose.
Businesses and hospitals that have employees working on the go or remotely are in the front line, and this time the virus is digital.
Over the Christmas break during the Christmas break, the Australian Immunisation Register as well as the Medicare and Pharmaceutical Benefits Scheme portals required urgent improvements.
So far, they are winning the fight against intruders.
"We're not aware of any data being disclosed by third-party vendors, and we continue to collaborate with developers in the process of transitioning," Services Australia general manager Hank Jongen told AAP.
However, a quick scan by experts for intrusion might not be enough to defend against malicious attacks.
As well as being a "real and present danger" Intruders are residing in the software systems and could remain for years cyber-security experts warn.
Cyber-attacks are increasing as our lives and livelihoods continue to go online however, the so-called Log4j vulnerability is particularly noxious.
The flaw in a software component is affecting the Log4j Java system used by millions of Australians who are often unaware of it at home and at work computers, phones and apps that appear to be secure.
Microsoft suggests that you run periodic reviews and scans to detect new messages and malicious code.
"Due to the numerous software and services affected, and the rapid pace of updates, it is expected to take a long time for remediation, which will require ongoing, sustainable vigilance," Microsoft says.
Last week, the United States announced that it will sue companies that aren't protected against the bug or its variants.
Australia would likely do it if its laws allowed such a decisive step.
According to the US Federal Trade Commission (FTC) the vulnerability is being exploited by an increasing number of hackers, posing an extremely risk to millions of consumer products, enterprise applications and web-based applications.
China-based groups Hafnium and Aquatic Panda rapidly went on the attack just a few days after the flaw was discovered in December, as did hackers from Iran experts claim.
"When vulnerabilities are discovered and exploited, there is a risk of the loss or compromise of personal information, financial loss, and other irreparable harms," the FTC warned in a blog post.
The US Cybersecurity and Infrastructure Security Agency warns that no single step can solve the problem.
Under US law, there is a requirement to act, and that includes Australian organizations that operate in the United States.
The FTC states that it plans to make use of its "full legal authority" to pursue companies that fail to take reasonable steps to protect consumer data from exposure in the event of Log4j, or similar known vulnerabilities in the future.
When the credit company Equifax did not patch an issue that was well-known and exposed the personal data of 147 million customers, it was forced to settle a claim of $US700 million ($A974 million)
Back home, Services Australia is responsible for the data of millions of Australians but is linked to aged care facilities and other service providers whose systems need to be flexible, but are often fragile.
Intruders have discovered remote access software that can access applications and data, including MobileIron products in Australia.
The Australian Industry Group warned that many apps could be vulnerable. This could impact individuals, businesses and supply chains.
Ai Group states that a weakness in their security could let malicious actors to create malicious "logs" that could be used to gain control of data and computer systems.
The bug and its variants are being dealt with by the United Kingdom, United States of America, Canada, and New Zealand.
"The Log4Shell vulnerability within MobileIron products is actively targeted and exploited," the UK's National Health Service has warned.
Software developers and organizations including Java's Apache and MobileIron have acted swiftly.
Apple's iCloud, the platform for distribution of games Steam and Minecraft have also been patched holes.
PREMIUMEBOOKS
Australia's Employment Minister Stuart Robert has encouraged all businesses to take this issue seriously.
He stated, "It's a serious virus serious malware"
"I've been urging all businesses to take action at a level of urgency to make sure their servers, specifically their web servers, and any remote access via MobileIron are appropriately patched, and they should be doing this now."
Australian businesses, universities, and all government agencies are being warned to, at the very minimum, follow the steps to scan and upgrade software to ensure their security.
Microsoft claims to have seen many attackers add these vulnerabilities to existing malware kits and techniques. These include cryptocurrency miners and hands-on keyboard attacks.
"Organisations may not realise their environments may already be compromised," the firm says.
"At this point, customers should assume broad availability of exploit code and scanning capabilities to be an actual and immediate threat to their environment."
Many Australian aged health and care facilities claim on taxpayer funds using the dated business-to-government (B2G) software. They were warned to take action, but might not have received the notice.
Services Australia advised that customers should transition to web services as soon as possible in an email to developers in December.
"The agency is committed to changing away from the old adaptor technology to claiming online as quickly as possible.
"This is becoming more urgent due to the growing global Java vulnerability."
A parliamentary committee of the federal government was informed in the summer of last year that the agency blocks around 14 million suspicious emails per month and needs to constantly review security, make upgrades and patches to fix bugs.
Services Australia is currently working closely with the Australian Cyber Security Centre to tackle the threat that is evolving.
Mr. Jongen said that Services Australia would continue to implement the ACSC's mitigation and detection recommendations.
"The ACSC is working with all vendors in order to identify and mitigate Log4j weaknesses.
Here's my website: https://premiumebooks.net/
The COVID-19 virus has a grip on every aspect of our lives, and now an additional virus is on the loose.
Businesses and hospitals that have employees working on the go or remotely are in the front line, and this time the virus is digital.
Over the Christmas break during the Christmas break, the Australian Immunisation Register as well as the Medicare and Pharmaceutical Benefits Scheme portals required urgent improvements.
So far, they are winning the fight against intruders.
"We're not aware of any data being disclosed by third-party vendors, and we continue to collaborate with developers in the process of transitioning," Services Australia general manager Hank Jongen told AAP.
However, a quick scan by experts for intrusion might not be enough to defend against malicious attacks.
As well as being a "real and present danger" Intruders are residing in the software systems and could remain for years cyber-security experts warn.
Cyber-attacks are increasing as our lives and livelihoods continue to go online however, the so-called Log4j vulnerability is particularly noxious.
The flaw in a software component is affecting the Log4j Java system used by millions of Australians who are often unaware of it at home and at work computers, phones and apps that appear to be secure.
Microsoft suggests that you run periodic reviews and scans to detect new messages and malicious code.
"Due to the numerous software and services affected, and the rapid pace of updates, it is expected to take a long time for remediation, which will require ongoing, sustainable vigilance," Microsoft says.
Last week, the United States announced that it will sue companies that aren't protected against the bug or its variants.
Australia would likely do it if its laws allowed such a decisive step.
According to the US Federal Trade Commission (FTC) the vulnerability is being exploited by an increasing number of hackers, posing an extremely risk to millions of consumer products, enterprise applications and web-based applications.
China-based groups Hafnium and Aquatic Panda rapidly went on the attack just a few days after the flaw was discovered in December, as did hackers from Iran experts claim.
"When vulnerabilities are discovered and exploited, there is a risk of the loss or compromise of personal information, financial loss, and other irreparable harms," the FTC warned in a blog post.
The US Cybersecurity and Infrastructure Security Agency warns that no single step can solve the problem.
Under US law, there is a requirement to act, and that includes Australian organizations that operate in the United States.
The FTC states that it plans to make use of its "full legal authority" to pursue companies that fail to take reasonable steps to protect consumer data from exposure in the event of Log4j, or similar known vulnerabilities in the future.
When the credit company Equifax did not patch an issue that was well-known and exposed the personal data of 147 million customers, it was forced to settle a claim of $US700 million ($A974 million)
Back home, Services Australia is responsible for the data of millions of Australians but is linked to aged care facilities and other service providers whose systems need to be flexible, but are often fragile.
Intruders have discovered remote access software that can access applications and data, including MobileIron products in Australia.
The Australian Industry Group warned that many apps could be vulnerable. This could impact individuals, businesses and supply chains.
Ai Group states that a weakness in their security could let malicious actors to create malicious "logs" that could be used to gain control of data and computer systems.
The bug and its variants are being dealt with by the United Kingdom, United States of America, Canada, and New Zealand.
"The Log4Shell vulnerability within MobileIron products is actively targeted and exploited," the UK's National Health Service has warned.
Software developers and organizations including Java's Apache and MobileIron have acted swiftly.
Apple's iCloud, the platform for distribution of games Steam and Minecraft have also been patched holes.
PREMIUMEBOOKS
Australia's Employment Minister Stuart Robert has encouraged all businesses to take this issue seriously.
He stated, "It's a serious virus serious malware"
"I've been urging all businesses to take action at a level of urgency to make sure their servers, specifically their web servers, and any remote access via MobileIron are appropriately patched, and they should be doing this now."
Australian businesses, universities, and all government agencies are being warned to, at the very minimum, follow the steps to scan and upgrade software to ensure their security.
Microsoft claims to have seen many attackers add these vulnerabilities to existing malware kits and techniques. These include cryptocurrency miners and hands-on keyboard attacks.
"Organisations may not realise their environments may already be compromised," the firm says.
"At this point, customers should assume broad availability of exploit code and scanning capabilities to be an actual and immediate threat to their environment."
Many Australian aged health and care facilities claim on taxpayer funds using the dated business-to-government (B2G) software. They were warned to take action, but might not have received the notice.
Services Australia advised that customers should transition to web services as soon as possible in an email to developers in December.
"The agency is committed to changing away from the old adaptor technology to claiming online as quickly as possible.
"This is becoming more urgent due to the growing global Java vulnerability."
A parliamentary committee of the federal government was informed in the summer of last year that the agency blocks around 14 million suspicious emails per month and needs to constantly review security, make upgrades and patches to fix bugs.
Services Australia is currently working closely with the Australian Cyber Security Centre to tackle the threat that is evolving.
Mr. Jongen said that Services Australia would continue to implement the ACSC's mitigation and detection recommendations.
"The ACSC is working with all vendors in order to identify and mitigate Log4j weaknesses.
Here's my website: https://premiumebooks.net/
|
|
Notes is a web-based application for online taking notes. You can take your notes and share with others people. If you like taking long notes, notes.io is designed for you. To date, over 8,000,000,000+ notes created and continuing...
With notes.io;
- * You can take a note from anywhere and any device with internet connection.
- * You can share the notes in social platforms (YouTube, Facebook, Twitter, instagram etc.).
- * You can quickly share your contents without website, blog and e-mail.
- * You don't need to create any Account to share a note. As you wish you can use quick, easy and best shortened notes with sms, websites, e-mail, or messaging services (WhatsApp, iMessage, Telegram, Signal).
- * Notes.io has fabulous infrastructure design for a short link and allows you to share the note as an easy and understandable link.
Fast: Notes.io is built for speed and performance. You can take a notes quickly and browse your archive.
Easy: Notes.io doesn’t require installation. Just write and share note!
Short: Notes.io’s url just 8 character. You’ll get shorten link of your note when you want to share. (Ex: notes.io/q )
Free: Notes.io works for 14 years and has been free since the day it was started.
You immediately create your first note and start sharing with the ones you wish. If you want to contact us, you can use the following communication channels;
Email: [email protected]
Twitter: http://twitter.com/notesio
Instagram: http://instagram.com/notes.io
Facebook: http://facebook.com/notesio
Regards;
Notes.io Team
