Brett Williams

Netlas and RST Cloud Forge Alliance to Enhance Cyber Threat Intelligence and Threat Hunting Capabilities Netlas.io, a leading platform for internet-wide scanning and external attack surface management, and RST Cloud, a premier Australian provider of cyber threat intelligence (CTI) solutions, are pleased to announce a strategic collaboration aimed at bringing additional value to customers of both organisations. With the release of the new Netlas version, users will now benefit from the inclusion of RST Cloud’s contextualised IoC (Indicators of Compromise) data from their extensive database, aggregated through multiple CTI sources across the globe within the Netlas platform. This includes data about related threat type and threat attribution, reputational score and False Positive flag. This integration empowers cybersecurity professionals with advanced tools for identifying potential threats during their investigations. “Indicators of compromise very logically complement the data provided by Netlas. With the vulnerability labels and other data provided, this will allow users to even better understand the degree of danger of the objects in their scope,” said Arthur Kotylevskiy, CEO at Netlas. “From RST Cloud’s perspective, this collaboration allows us to utilise Netlas’ extensive internet-wide scanning capabilities to identify new IoCs and enhance our threat intelligence services.” said Founder of RST Cloud, Yury Sergeev. The collaboration offers several key benefits: For Netlas users: – Access to RST Cloud’s threat intelligence data, enhancing the identification of malicious IP addresses and domains. – Comprehensive threat context to improve incident analysis and remediation efforts. – Enhanced decision-making through the availability of reliable and up-to-date threat data. For RST Cloud users: – Leveraging Netlas’ scanning capabilities to identify new IoCs and enrich threat intelligence and extending RST Cloud capabilities to access the most relevant IoCs (including malicious IP, C&C servers). – Gaining wider visibility into devices and services exposed to the internet using Netlas’ threat hunting engine to identify infrastructure owned by malicious actors. Together, Netlas.io and RST Cloud are dedicated to delivering unparalleled cybersecurity services, equipping professionals with the necessary tools to stay ahead of evolving cyber threats. This strategic collaboration marks a significant step forward in enhancing threat intelligence and external attack surface management for customers worldwide.

10

🚨 Strategies for handling uncertainty in identity investigations: Fortian's Strategic Approaches 🚨 Arachne Digital is proud to support Fortian, an Australian security consultancy and managed security service provider, in their mission to enhance security operations. Fortian have put out an insightful article on monitoring identity providers for suspicious sign-in activity, emphasising the critical need for vigilance given that over 77% of attacks involve compromised credentials as an initial access method (Sophos, 2024). Key Strategies for handling uncertainty in identity investigations: Relate to Known Threats or Scenarios: Fortian advises building a matrix of threats and scenarios alongside evidence to support or disprove them. This method helps analysts make high-confidence determinations about the nature of suspicious sign-ins. Score the Anomaly: When evidence doesn't point to a specific threat, benchmarking anomalous sign-ins against past activities can provide context and help differentiate between benign and malicious activities. Perform Low-Impact Response Actions: In cases of irreducible uncertainty, low-impact actions like revoking sign-in sessions, resetting passwords, or extending monitoring can mitigate potential threats while minimising business disruption. Fortian's structured approach to dealing with suspicious sign-ins in Microsoft Entra ID is a testament to their dedication to security. By leveraging these strategies, security operations analysts can reduce uncertainty and respond effectively to potential threats. 🔍 Read more about Fortian's methodologies and how they can enhance your security operations: https://lnkd.in/g8btk2HX #CyberSecurity #ThreatDetection #IdentityProtection #SecurityOperations #ArachneDigital #Fortian

1

🌏 Australia Threat Landscape Report 2024: A CISO Brief 🌏 🇦🇺 Dive into SOCRadar’s in-depth analysis of Australia’s cybersecurity threats for 2024! From ransomware trends to the dark web chatter, this report uncovers critical insights for CISOs and security teams looking to bolster defenses in a rapidly evolving landscape. 📈 Stay ahead with actionable intelligence, industry-specific insights, and recommended best practices tailored to the unique challenges in Australia. 🔍 Download the full report now to understand the risks and be proactive in safeguarding your organization. 👉 https://lnkd.in/dncqyZ8v #Cybersecurity #ThreatIntelligence #Australia #CISO #Ransomware

21

Looking for some quality cybersecurity news? Risky Business Media was founded in 2007 by cybersecurity journalist Patrick Guy, who formerly worked with ZDNet Australia. Now he works with a few colleagues to provide a short podcast that updates listeners on recent security news. Give it a listen to see what you think. #RiskyBiz #CyberNews #CyberPodcast #PearlTechnology #Cybersecurity

2

As the cloud security landscape becomes more complex, the potential move by Australia to require businesses to report ransom payments is an intriguing development. Transparency is key to understanding the scale and nature of these threats. Three tips for businesses venturing into the cloud: 1. Hibernate: Don’t keep idle instances running, they’re a potential entry point for attackers. 2. Secure: Implement robust security measures including firewalls, intrusion detection systems, and regular audits. 3. Educate: Educate all employees on the risks and best practices related to cloud security. The future of cybersecurity is transparent, proactive, and informed. Let's embrace it, one cloud at a time. #Cybersecurity #CloudSecurity #Ransomware #DataBreach #CloudEducation

1

🚩 Breaking News : Iluka Resources, a major player in the rare-earth metals industry, has been targeted by a denial-of-service (DoS) cyber attack! 👾 While no data was compromised, this incident follows a recent ransomware attack on Northern Minerals, another Australian rare-earth producer. These cyber threats are raising significant concerns within the industry, especially as Iluka’s managing director, Tom O’Leary, has recently criticized China’s influence on rare-earth metal prices. O’Leary claims that China is manipulating prices to dominate the global market, impacting profits for all producers. As tensions rise, the security of rare-earth mineral companies is under intense scrutiny. Industry leaders are urging for increased vigilance and enhanced cybersecurity measures. #CyberSecurity #RareEarthMetals #IlukaResources #NorthernMinerals #ChinaInfluence #IndustryNews #StaySafe

3

One cybercrime report every six minutes on average in 2024. In Australian Signals Directorate's Annual Cyber Threat Report for 2023-2024, 87,400 cybercrime incidents were reported in the 12-month period to the end of June 2024 -- This is equivalent to one report every six minutes on average. But while this figure is 7% lower than before, the average self-reported cost of cybercrime per report for individuals grew by 17% ($30,700). Read more from the report: https://lnkd.in/gP2yB4A3 #RethinkCybersecurity #Cybersecurity 

6

🇦🇺 In the Cyber Daily: "A ransomware attack on any Australian healthcare provider is devastating but should not be surprising,” says Wayne Phillips, SentinelOne's Field Chief Technology Officer, APJ. "This incident [NCSC warns of ‘large-scale ransomware data breach incident’; MediSecure the victim] highlights the severe implications for patient care, data privacy, and overall confidence in healthcare systems. Healthcare providers prioritise availability-of-service over security control to ensure positive patient outcomes, but this leaves them more vulnerable to larger attacks and longer outages. Something must change. The massive impact on patients and their privacy makes healthcare a soft target to ransomware attacks. This attack raises critical questions about the robustness of cyber security controls in the healthcare sector." 🗞️To know more, read the full article: https://lnkd.in/gs2Ajkyf

8

649,000,000. That's huge but what's the relevant to Cloud Connect WA? 🤔 🚀 Our Security Information and Event Management (SIEM) system has been on overdrive, processing a staggering 649 million logs in the past 30 days alone. 📈 That's right, we're talking round-the-clock monitoring, 24/7/365, keeping a vigilant eye for any signs of malicious activity. 💻 Why should this matter to you? 🤔 Well, in today's digital landscape, where cyber threats loom large, trusting a company that offers this level of security is paramount. 🛡️ With cyber attacks becoming increasingly sophisticated, having robust defenses isn't just a luxury; it's a necessity. 🔐 Our journey towards achieving Essential 8 Level 3 accreditation underscores our commitment to cybersecurity excellence. 🌟 By embracing best practices and leveraging cutting-edge technologies, we're not just keeping up with cyber threats; we're staying ahead of them. 💪 But it's not just about technology; it's about a holistic approach to risk management in cybersecurity. 💼 From preventing cybercrime to fostering cybersecurity awareness among your team, every aspect plays a crucial role. 🤝 So, why should you trust us? Because we don't just offer managed security services; we offer peace of mind. 🌐 With Cloud Connect WA, you're not just a client; you're a partner in the fight against cyber threats. 💬 Let's connect and strengthen our defenses together. #CyberSecurity #Essential8 #ManagedSecurityServices

7

2 Comments

A recent report by the Australian Signals Directorate pinpointed Log4Shell (CVE-2021-44228) and ProxyLogon (CVE-2021-26855) as the most exploited vulnerabilities in the past year, collectively responsible for a staggering 29% of all CVE-related incidents. In this contributed article, Rohit Murali, our Channel Solutions Engineer, shares how we can also use the CVE Program to preventively tell the SIEM what to look out for and alert, opening a way to faster threat detection and response without unnecessary hunting efforts. Read the full article: https://lnkd.in/gxtx63EZ [This was originally presented in AISA Canberra CyberCon 2024, titled "Security Made CVEasy." LogRhythm is deeply committed to helping Australian businesses achieve their cybersecurity maturity goals. If you are keen to know how we can help, schedule a demo here: https://lnkd.in/gK9KQaJs]

49

“It was very evident that CrowdStrike was the clear winner out of all the options we evaluated.” - Dave W., CISO at Australian energy provider Jemena With CrowdStrike, Jemena has experienced: 💪 70% savings and enhanced capabilities ⌚ Incident response times slashed from days to minutes ⚡ A solution that was deployed to all endpoints in just three days Watch the full video to learn why Jemena uses CrowdStrike Falcon® Complete for 24/7 managed detection and response, in addition to a host of CrowdStrike Falcon® platform modules to protect #cloud and #identity attack surfaces: https://lnkd.in/g2fXHjjN

274

🎙️ In the latest Defend Your Time podcast, we dive into our H1 2024 Threat Report with a fresh perspective! Dom De Vitto CISSP BSc (Hons) and Zach G. break down key insights for CISOs, exploring how to leverage these findings to stay one step ahead of emerging threats. Listen in 🎧 https://bit.ly/4dcLjSE What were your key takeaways? Drop us a comment below 👇 #cyberpodcast #threatintel #cisoperspective

12

A new episode of WestCoastCyber is up now! 🤩 For the November episode, our hosts Ben Aylett and Caitriona Forde commented on the latest #CyberSecurity news relevant to all of us in Australia, BUT Most importantly, our special guest Dan Haagman, CEO of Chaleit, also shares some of his #LessonsLearned from an extensive Cyber Security career across continents. You definitely want to tune in to this one! Whether you are a student, a cybersecurity enthusiast, or a seasoned tech professional, this episode has something for you. Get insight into the #Fundamental building blocks of the tech industry. Why do some #Approaches to cyber security fail? What does a #Robust cybersecurity posture actually mean? Click the link below to listen to our latest show, or find #WestCoastCyberPodcast on your preferred streaming platform. https://lnkd.in/geCRnzPq

18

4 Comments

#BreachInsights 🔎 New Zealand Stock Exchange - Distributed Denial of Service (DDoS) attacks. In March and April 2020, the New Zealand Stock Exchange (NZX) was hit by several DDoS attacks. The severity of these attacks was unlike anything seen before, forcing the exchange to shut down. ❔ What is a DDoS, and what happened in the New Zealand Stock Exchange attacks? A Distributed Denial of Service (DDoS) attack occurs when an attacker floods a website, server, or network with excessive traffic, overwhelming the system and thus blocking legitimate users from accessing the service. In NZX’s case, the website had been overwhelmed by malicious offshore digital traffic, slowing it down so much that the exchange could not make any market announcements required by financial regulators. This forced NZX to stop any trading. The attack review revealed that an attack of this scale was predictable and should have been prepared for. NZX lacked tools and practices for handling increasing trading volumes and was aware of limitations in its core processing systems. Furthermore, the attacks highlighted the shortcomings in NZX's crisis management procedures, i.e. relying on a single, unprotected method for market announcements with minimal contingency planning in place. Lessons Learned: ⚫ Businesses need to ensure they have adequate technology capabilities and trained staff. Regular assessments of systems and processes are essential to identify and address weaknesses before they lead to significant issues. ⚫ Businesses should adopt essential tools and best practices to handle growth effectively. This includes investing in scalable systems that can accommodate increasing demand and proactively addressing known infrastructure limitations. ⚫ Businesses should create contingency plans for critical operations. Additionally, prioritising security practices is crucial for safeguarding against potential threats and ensuring effective crisis management. Read the full article in the comments section 👇 #ITPartners #Cybersecurity #TechNews #SecurityFlaws #CyberAwareness #CyberDefense

7

1 Comment

🌏 The 2024 ANZ Threat Landscape Report highlights the increasing complexity of cyber threats in #Australia and #NewZealand, affecting critical sectors like healthcare, finance, and infrastructure. Cybercriminals and state-sponsored actors pose significant risks, driven by geopolitical tensions, particularly from nations like China and Russia. 📈 Rising Cyber Threats: - Ransomware-as-a-Service (RaaS) models are on the rise, with over **1,100 cyber incidents** reported by the Australian Signals Directorate in FY2023-24, especially targeting critical infrastructure. - There has been a **12% increase** in inquiries to the Australian Cyber Security Hotline, indicating heightened concern over cybersecurity vulnerabilities and a surge in **data breaches** and **DDoS attacks**. 🔑 Strategic Insights for CISOs: CISOs need to focus on: - Proactive identification of threats - Continuous updating of cybersecurity protocols to combat evolving attacks Summary (auto generated) from the CISOs’ Key Takeaways from the ANZ (Australia and New Zealand) Threat Landscape Report 2024 by Cyble. Source: https://lnkd.in/g4K5eDb2 #securitytrends #infosec #cybersecurity #threatintel #threatintelligence #ciso

3