Cyber snippets 2022
The below is a snapshot of the cybersecurity news, updates, risks, and threat actor activities, relevant to the Higher Education and Research sector.

You may also find benefit subscribing to:
AusCERT Security Bulletins: https://www.auscert.org.au/resources/security-bulletins/
ACSC Alerts https://www.cyber.gov.au/acsc/view-all-content/alerts

If you have a vulnerability, information, article, good practice, or item of value, please feel free to share. Any feedback, suggestions or additions are appreciated (please email Nikki Peever, CAUDIT Director Cybersecurity Program - nikki.peever@caudit.edu.au)

Sections

  1. Latest cyber snippets
  1. Older cyber snippets (2021)

Latest cyber snippets

Date
Category
Summary
Notes
Link/ source
22 December 2022
Threat category: advisory
EXPERTS PREPARE FOR MAJOR CYBER INCIDENT OVER CHRISTMAS

https://www.cybersecurityconnect.com.au/industry/8527-experts-prepare-for-major-cyber-incident-over-christmas
22 December 2022
Threat category: phishing/malware/ransomware
THE GUARDIAN HIT BY POSSIBLE RANSOMWARE ATTACK

https://www.cybersecurityconnect.com.au/commercial/8535-the-guardian-hit-by-possible-ransomware-attack?
22 December 2022

AUSTRALIA CROWNED MOST HACKED NATION IN THE WORLD

https://www.cybersecurityconnect.com.au/industry/8530-australia-crowned-most-hacked-nation-in-the-world
20 December 2022
Threat category: phishing/malware/ransomware
McGraw Hill confirms data exposure of students' emails and grades

https://edscoop.com/mcgraw-hill-amazon-s3-data-exposure-student-emails-grades/
14 December 2022
Threat category: system and cloud (including patches)
Microsoft Patch Tuesday, December 2022 Edition

https://krebsonsecurity.com/2022/12/microsoft-patch-tuesday-december-2022-edition/
14 December 2022
Threat category: system and cloud (including patches)
Citrix ADC and Citrix Gateway Security Bulletin for CVE-2022-27518

https://support.citrix.com/article/CTX474995/citrix-adc-and-citrix-gateway-security-bulletin-for-cve202227518
13 December 2022
Threat category: system and cloud (including patches)
Adobe Patches 38 Flaws in Enterprise Software Products

https://www.securityweek.com/adobe-patches-38-flaws-enterprise-software-products
13 December 2022

Australia and Vanuatu sign defense and cybersecurity pact

https://therecord.media/australia-and-vanuatu-sign-defense-and-cybersecurity-pact
13 December 2022
Threat category: system and cloud (including patches)
Guidance on Microsoft Signed Drivers Being Used Maliciously

https://msrc.microsoft.com/update-guide/vulnerability/ADV220005
13 December 2022
Threat category: system and cloud (including patches)
Fortinet software SSL-VPN Remote Code Execution vulnerability

https://www.cert.govt.nz/it-specialists/advisories/fortinet-software-sslv-vpn-remote-code-execution-vulnerability
12 December 2022
Threat category: advisory
This evasive new cyberattack can bypass air-gapped systems to steal data from the most sensitive networks

https://www.zdnet.com/article/this-evasive-new-cyberattack-can-bypass-air-gapped-systems-to-steal-data-from-the-most-sensitive-networks
12 December 2022

Optus helps La Trobe University move 80% of core servers and storage to AWS

https://www.crn.com.au/news/optus-helps-la-trobe-university-move-80-of-core-servers-and-storage-to-aws-589049
12 December 2022

Quarter Three: Cyber Security Insights 2022 (NZ)

https://www.cert.govt.nz/about/quarterly-report/quarter-three-cyber-security-insights-2022
12 December 2022

Telstra suffers privacy breach, 132,000 customers impacted

https://www.crn.com.au/news/telstra-suffers-privacy-breach-132000-customers-impacted-588998
12 December 2022

Gov sets target to make Australia "most cyber secure country" by 2030

https://www.crn.com.au/news/gov-sets-target-to-make-australia-most-cyber-secure-country-by-2030-589027
09 December 2022

Cisco lays out 'cloud neutral' security pitch at Cisco Live in Melbourne

https://www.crn.com.au/news/cisco-lays-out-cloud-neutral-security-pitch-at-cisco-live-in-melbourne-588936
08 December 2022

Australian laws struggle with biometrics

https://ia.acs.org.au/content/ia/article/2022/australian-laws-struggle-with-biometrics.html
08 December 2022

LJ Hooker latest cybercrime target

https://ia.acs.org.au/content/ia/article/2022/lj-hooker-latest-cybercrime-target.html
08 December 2022

Ransomware Roundup – New Vohuk, ScareCrow, and AERST Variants

https://www.fortinet.com/blog/threat-research/ransomware-roundup-new-vohuk-scarecrow-and-aerst-variants
08 December 2022

Hackers are still finding - and using - flaws in Internet Explorer

https://www.zdnet.com/article/hackers-are-still-finding-and-using-flaws-in-internet-explorer
07 December 2022

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

https://thehackernews.com/2022/12/vice-society-ransomware-attackers.html
07 December 2022

Defence Industry Security Program Inquiry Hearing

https://australiancybersecuritymagazine.com.au/defence-industry-security-program-inquiry-hearing
07 December 2022

Final defense policy bill chock full of cybersecurity provisions

https://therecord.media/final-defense-policy-bill-chock-full-of-cybersecurity-provisions
06 December 2022

Vice Society: Profiling a Persistent Threat to the Education Sector

https://unit42.paloaltonetworks.com/vice-society-targets-education-sector/
06 December 2022

DISA approves Google to host more sensitive DOD cloud data

https://defensescoop.com/2022/12/06/disa-approves-google-to-host-more-sensitive-dod-cloud-data/
06 December 2022

CISA's 2023 priorities include election security, corporate cyber risk

https://www.cyberscoop.com/cisa-2023-priorities/
06 December 2022

Multiple government departments in New Zealand affected by ransomware attack on IT provider

https://therecord.media/multiple-government-departments-in-new-zealand-affected-by-ransomware-attack-on-it-provider/
06 December 2022

Why higher education IT strategic plans matter

https://edscoop.com/radio/why-higher-education-it-strategic-plans-matter/
05 December 2022

Cybersecurity Predictions for a Turbulent 2023

https://cyberriskleaders.com/cybersecurity-predictions-for-a-turbulent-2023