More scams arriving from foreign soil:
Via mobiles numbers such as +61 472 709 929
It is time for telcos to be more pro active as the damage done by various Nigerian and other scams is hard to calculate in terms of time lost and emotional costs…
Never ever click on SMS with links such as “Urgent Notice: Your Medicare information requires updating. Visit https://au-service.top to update your records.”
Search for Services Australia on the web for warnings such as
https://www.servicesaustralia.gov.au/active-scams?context=60271
Scammers are pretending to be from Medicare. They may contact you by text message, saying your Medicare card has expired. They'll ask you to click on a link and update your details.
Atlassian hit by Chinese state-linked hackers
Microsoft has accused Chinese state-linked hackers of exploiting a critical security hole in software from Australian technology giant Atlassian to break into customers’ systems.
Atlassian has given the security flaw in its Confluence software, which is a tool that businesses use to centralise information, the highest possible severity rating because it can be exploited anonymously and remotely.
“We have evidence to suggest that a known nation-state actor is actively exploiting [the vulnerability],” Atlassian told its customers on Wednesday.
Microsoft’s cybersecurity division said it had detected a “nation-state threat actor” variously known as Storm-0062, DarkShadow or Oro0lxy exploiting the vulnerability as long ago as September 14.
Microsoft has previously identified that group as being based in China and linked to the national government. While Atlassian would not name a suspect country, it has emphasised that it is working closely with Microsoft.
Hackers routinely target companies like Atlassian that make widely used software because it gives them access to many other companies that can subsequently be targeted for industrial espionage, state intelligence or ransomware.
The Australian government has been working to bolster the country’s cybersecurity in the wake of the Optus and Medibank hacks last year, appointing a new co-ordinator for the issue.
But security issues like the Confluence flaw, known as a “zero-day” vulnerability, are notoriously difficult to tackle because they are unknown until exploited.
How it works
The security hole, which Atlassian first reported on October 4, allows hackers to access Confluence systems and create administrator accounts.
That could either let them access sensitive information which is held in Confluence itself or, if the system has details of the victim’s wider IT setup, execute further hacks.
The version of Confluence that runs in Atlassian’s cloud is not affected. The company has urged customers running older versions of Confluence on their own systems to immediately upgrade to later versions that do not have the vulnerability.
The Chinese Embassy in Canberra did not immediately reply to a request for comment, but the Chinese government has long denied it has any role in hacking overseas.
An Atlassian spokeswoman said it encouraged customers to share evidence of any compromised systems to support its response.
“Our priority is the security of our customers’ instances during this critical vulnerability, and we are collaborating with industry-leading threat intelligence partners, such as Microsoft, to obtain additional information that may assist customers with responding to the vulnerability,” the spokeswoman said.
But Atlassian has also said it cannot confirm if a customer’s Confluence system has been hacked, instead urging them to look for clues that it might have happened.
“If any evidence is found, you should assume that your instance has been compromised and evaluate the risk of flow-on effects,” Atlassian’s advice to customers reads.
If hackers have got into a Confluence system, Atlassian says, they can “perform any number of unfettered actions” including stealing content, system credentials and installing smaller pieces of malicious code called plug-ins.