Sammy Chuks..’s Post

Cyber Security Leader | Purple Team | CyberYoda

ASD/ACSC #APT40 Advisory: 🔥 Information regarding multiple compromises of Australian organizations by APT40 has been observed by the ASD/ACSC and, interestingly, the AU government has taken a confrontational approach this time against the state sponsor.

"APT40 has previously targeted organizations in various countries, including Australia and the United States," the agencies said. "Notably, APT40 possesses the ability to quickly transform and adapt vulnerability proofs-of-concept (PoCs) for targeting, reconnaissance, and exploitation operations."

Notable CVEs used by APT40:
- Log4J (CVE-2021-44228)
- Confluence (CVE-2021-31207, CVE-2021-26084)
- Microsoft Exchange (CVE-2021-31207; CVE-2021-34523; CVE-2021-34473)

Recommendations:
1. Ensure that proper auditing and security monitoring exist for all external-facing systems, including SOHO devices.
2. Urgently review the list of CVEs above and patch the vulnerabilities immediately.
3. Ensure there are no shadow IT environments deployed within your enterprise environment.

Finally, I found it interesting that this adversarial group is determined to not use phishing and social engineering tactics to gain initial access. Aka - Hackyourwayin.

https://lnkd.in/gJSA6J5u
