Australian Cyber Security Advisories

Advisory 2020-001 - Understanding the Zoom vulnerabilities

Published: 2020-04-07

Mossé Security’s CSIRT has analysed the security vulnerabilities reported in Zoom between March 31st and April 7th, 2020. We are now sharing our professional opinion regarding the risk of “Zoom Bombing” attacks and discussing the weak encryption practices employed by Zoom.

Continue >

Advisory 2019-004 - Business Documents and PII Data Uploaded to Virus Total

Published: 2019-07-16

Mossé Security has been observing that some security solutions automatically upload emails to Virus Total that contain sensitive information (including attachments), without the knowledge or consent of the organisation.

Continue >

Advisory 2019-003 - All Organisations Are Urgently Advised to Immediately Turn on Mailbox Auditing

Published: 2019-07-10

Mossé Security’s Advanced CSIRT Team have been urgently called to respond to an alarming number of email account compromises that have allowed threat actors such as CRIME CHARLIE and CRIME OSCAR to steal money from regional organisations. Vast collateral damages are doubtlessly ensuing to these companies’ reputations wit...

Continue >

Advisory 2019-002 - Portable Applications Used To Compromise Enterprise Networks

Published: 2019-07-02

Mossé Security CSIRT has recently successfully responded to several breaches into corporate networks where the initial point of entry was a malicious portable application that provided reverse-shell capabilities to the adversaries. Using Portable Applications as an indirect way to breach into computer networks is another...

Continue >

Advisory 2019-001 - Cyber Adversaries Target Australians Organisation Using Signed Malware

Published: 2019-06-13

Mossé Security CSIRT observes signed malware used against Australian organisations daily. Enterprise security products and security analysts are advised not to automatically trust a file because it is signed. Digital certificates can be legitimately purchased for less than $100.00 USD. These certificates are either stole...

Continue >