Volume 2, Issue no. 22 of the weekly AUCloud Cyber Threat Intelligence Report is out. In this issue we reveal:
Hackers target Check Point VPNs to breach enterprise networks
Hackers have been exploiting vulnerabilities in Check Point Remote Access VPN devices to gain unauthorised access to enterprise networks. The campaign, identified by Check Point, highlights that these threat actors are leveraging known flaws to breach systems, potentially accessing sensitive corporate data and network resources. This method of attack emphasises the importance of securing remote access points, which are often targeted due to their external exposure and the critical access they provide.
Exploit released for maximum severity Fortinet RCE bug, patch now
A critical remote code execution (RCE) vulnerability affecting Fortinet’s FortiNAC appliances has come under active exploitation by threat actors. This flaw, identified as CVE-2022-39952, allows unauthenticated attackers to execute commands remotely via file path manipulation in the FortiNAC web server. The issue was disclosed by Fortinet, and a proof-of-concept (PoC) exploit was released by Horizon3 security researchers, further prompting attackers to begin targeting vulnerable systems immediately.
Understanding the 2022 Optus data breach and what this means
In September 2022, Optus, one of Australia’s largest telecommunications providers, suffered a significant data breach. Fast forward to May 2024, and the repercussions of this breach are still unfolding. Optus recently lost an appeal to keep the Deloitte report on the cyber-attack confidential. This report is crucial as it contains detailed analyses of the breach, the vulnerabilities exploited, and recommendations for preventing future incidents.
The May 2024 MediSecure cyber attack: A comprehensive update
In May 2024, MediSecure, a prominent prescription technology company in Australia, fell victim to a large-scale ransomware attack. This breach exposed a vast amount of sensitive healthcare data, significantly impacting the company’s operations and raising serious concerns about data security in the healthcare sector. In a bid to recover from the financial and operational damages caused by the cyber-attack, MediSecure has requested a government bailout.