Further Categories

AusCERT Web Log: The AusCERT web log is where our staff have the opportunity to informally discuss current activity and interesting developments in the area information security.

Member Newsletters: Complete archive of news letters distributed to AusCERT members

Checklists:

Presentations and Papers:

Further Information

Senate Select Committee enquiry into the National Broadband Network - The Senate Select Committee on the National Broadband Network has conducted an enquiry and invited submissions from AusCERT. The following paper was submitted by AusCERT: AusCERT submi... (30/11/2009)

Australian Paliament House of Representatives' cybercrime enquiry - The House of Representatives' Standing Committee on Communications has conducted an enquiry into cybercrime and invited submissions from AusCERT. The following papers were submitted by AusC... (30/11/2009)

The risks borne by one are shared by all - web site compromises - The following paper was first published in the Strategic Path Business Data Strategy magazine, eZine and www.BDStrategy.com.au. Download the PDF version from here: The risks borne by on... (12/11/2009)

Vulnerabilities Galore! - It has been a busy week for security analysts and system administrators alike with vulnerabilities being detected in numerous packages and operating systems. (07/08/2009)

America's 10 most wanted botnets - America's 10 most wanted botnets, ranked by size and strength. (24/07/2009)

Latest version of CDF released - The latest version of the Common Data Format (CDF) has been released. (24/07/2009)

Adobe Flash Player vulnerability - There is a critical vulnerability in current versions of Adobe Flash Player that could result in an attacker taking control of an affected system. (23/07/2009)

Queensland Police 'wardriving' - Queensland Police are planning a 'wardriving' campaign to educate citizens to secure their wireless networks. (22/07/2009)

Download....complete! - A busy little week. (17/07/2009)

Vulnerability in Firefox 3.5 - A memory corruption vulnerability has been found in Firefox 3.5 that may affect earlier versions also. (16/07/2009)

Independence Day attacks not so serious - Attack on US and Sth. Korean Govt web sites "was minor", but proves that mirroring remains the best defence against DDoS (16/07/2009)

MyDoom returns. - DDoS attacks using recycled malware. (10/07/2009)

Grab the new Firefox! - Firefox 3.5 released. (03/07/2009)

Phishing for browsers - Browsers beware! (19/06/2009)

Skeleton DDoS Mitigation Procedure - This is a skeleton procedure for mitigating a DDoS attack. (05/03/2009)

Choosing good passwords - Choosing a good password is a trade off between something that is difficult to guess versus something that is easy to remember. This article provides some simple rules of thumb on choosing good passwords (and good password policies). (22/01/2009)

Browser Bugs Galore! - A busy week for security professionals everywhere as multiple vulnerabilities are identified in web browsers everywhere! (19/12/2008)

Google Chrome - How shiny is it? - Google has today released the first public beta of their new web browser, known as Google Chrome, as an alternative to other popular browsers. Chrome introduces a number of new and innovative features, but with these new features come some potential security concerns. (03/09/2008)

Malicious Flash Sites Taking Over the Clipboard - Through the use of a standard flash function attackers are attempting to lead viewers to malicious sites. (03/09/2008)

Submission to the e-security review - The Australian government is reviewing Australia's e-security arrangements and has called for submissions. http://www.ag.gov.au/www/agd/agd.nsf/Page/Consultationsreformsandreviews_E-SecurityR... (29/08/2008)

Compromised Account Details and Logging FAQ - An overview of how the logging process works and the answers to the most Frequently Asked Questions. (03/07/2008)

Beyond obfuscation - attackers using encrypted javascript - An interesting insight into where the Bad Guys want to go. (05/06/2008)

AusCERT Home Users Computer Security Survey - The AusCERT Home Computer Users Security Survey 2008 was prepared to assess the security posture of home Internet users, their level of security awareness and attitudes to Internet security. The survey aims to raise awareness of home Internet computer security issues. (15/05/2008)

A lower total cost of 0wn3rship - What do you do when your website is infecting your customers and your hosting provider won't take your calls? (24/04/2008)

All your patch are belong to Oracle.. and Clam.. and Mozilla oh wait and Microsoft.. - This week (yesterday specifically) saw two browsers issue critical security updates (18/04/2008)

All your $_SERVER variables are belong to php-syslog-ng-2.9.7. - A newly added "feature" of php-syslog-ng leaks information back to the author. tsk tsk. (02/04/2008)

Protecting your computer from malicious code - This paper provides practical advice for protecting the PC desk top environment from malicious code for home users, SMEs or organisations without dedicated IT staff. (07/03/2008)

Filtering AusCERT Bulletins - Small guide on optimising the bulletins. (29/02/2008)

Practical Computer Security slides - AusCERT has released a basic Microsoft Powerpoint presentation to assist organisations with providing introductory computer security awareness training to individuals. (28/02/2008)

Following the rabbit hole - Ever wondered just how thoroughly compromised an administrator can get with one click? (08/02/2008)

Storm, Porn and Brawn - G'day Members, Some of our analysts spent some time poking the storm botnet this week after receiving some pill spam with very familiar looking URLs. What they found was that hitting the I... (01/02/2008)

AusCERT DDoS Paper - This paper has been developed by AusCERT to share some of the experiences, and lessons learned from a Distributed Denial of Service attack on the AusCERT web server. (24/12/2007)

AusCERT submission to the ALRC's Review of the Privacy Act - The Australian Law Reform Commission (ALRC) has called for submissions to the Review of the Privacy Act 1988 See: www.alrc.gov.au AusCERT submission to the Privacy Act Review (17/12/2007)

Drive-by malware on the increase - We have been predicting an increase in drive-by malware attacks for some time and it seems that in the UK, a noticeable change in this direction has occurred. (13/11/2007)

A newly registered Australian political party trials online voting in Australia - A newly registered Australian political party, Senator Online (SOL), is developing a web-based voting system to help inform how elected SOL senators cast their votes in the Senate. If SOL candidates are elected to the Senate, AusCERT assesses that the online voting mechanisms being used are vulnerable to manipulation by attackers within Australia or around the world and hence could be used to manipulate the Australian democratic process. (17/10/2007)


1, 2, 3, 4, 5  Next denotes AusCERT member only content.