BLOG

Taking Action To Protect Your Infrastructure Against Cyber-Attack

Share on facebook
Share on twitter
Share on linkedin
Share on google

Copy-Paste Compromise

In this month, Australia Cyber Security Center has announced the statement on malicious cyber activity against Australian institutions, including hospitals and state-owned utilities.

The attacker has been identified leveraging a number of POC, proof-of-concept, exploit code, shells, and other various tools from open source. These actions are primarily through the use of remote code execution vulnerabilities in unpatched versions of Telerik UI and other Microsoft IIS and Citrix vulnerabilities.

The attacker has shown the capability to find and quickly leverage exploitable public vulnerabilities and regularly conducts reconnaissance of target networks looking for vulnerable services. The attacker might potentially maintain a list of public-facing services to quickly locating the vulnerable services after future vulnerability releases.
Malware

How Is The Attack Happening

The attacker has shown the capability to find and quickly leverage exploitable public vulnerabilities and regularly conducts reconnaissance of target networks looking for vulnerable services. The attacker might potentially maintain a list of public-facing services to quickly locating the vulnerable services after future vulnerability releases.
If your company does not host any public-facing services, it does not mean your network would be one of the victims in this action. The ACSC has identified that the attack is also utilising various phishing techniques. The ACSC has advised the phishing has taken the form of:
  • links to credential harvesting websites
  • emails with links to malicious files, or with the malicious file directly attached
  • links prompting users to grant Office 365 OAuth tokens to the actor
  • use of email tracking services to identify the email opening and lure click-through events.

Sprint Networks has an experienced team with comprehensive solutions to support your evolving security requirements. We have a strong partnership with leading technology providers to secure and maintain your security today and into the future.

Sprint Networks is offering Managed Email and DNS Security to strengthen your security defences with better control over all aspects of inbound, outbound emails, and suspicious traffic. To avoid becoming a victim in this attack, relying on people to keep your business safe should not be part of your options.

We are providing cloud -based Email Security solution filters all malicious email before it even hits your network components. Even though your employment received the malformed web address from other sources, we will block the requests before it even sends out from your network. The attacker will not be able to get any responses from the victims.

Protect your business from Cyber Threats with Sprint Networks. We aim to secure Australian businesses and institutions from all malicious activities that can take advantage of network vulnerabilities.

If you think you are at risk!

If you have questions, please drop us an e-mail at info@sprintnetworks.com

Leave a Reply