A fortnightly insight into the Australian cyber threat landscape
After a busy few weeks we felt that more value might be delivered via this blog as a fortnightly installment, instead of weekly. With that we present the second edition of the Australia Cyber Update.
As a reminder this information is provided in the guest to inform in the spirit of Situational Awareness which continues to be a vital and sometimes overlooked component of threat intelligence and cyber security more broadly.
August 1
Play ransomware gang posted AAPD to their leak site. AAPD is an adult product distribution company. At time of reporting they have not posted any data.
August 6
A user on Telegram offers two new Australian scams for purchase — one related to PAYID and one related to Harvey Norman. Whilst scams are regular place if we see them we will share them here in the spirit of awareness.
August 6
A user on Exploit forum is selling sms leads of Australians and asking for 20 dollars for a thousand leads. This provides insights into the value of data on underground forums and the often opportunistic collection of cyber criminals.
August 9
A user on Exploit forum is seeking personal information of Australian citizens (this is not uncommon, but is a good reminder that interest in Australian data remains persistent) Worth noting that value of data can range from 5 cents up to 50 dollars.
August 10
Rhysida ransomware gang posted Optimum Health Solutions as an alleged victim to their leak site. Optimum Health Solutions is a large preventative health company in NSW. They have not posted any data at time of posting, as noted by the image the countdown ends on 16 August.
August 11
A user on Breachforum has posted alleged data from iabaustralia for sale. Iabaustralia is a marketing company. The reputation of this threat actor is questionable, they are offering the data for sale and appear to have limited sales on other data offered.
August 16
Play ransomware gang posted Algorry Zappia & Associates, a engineering company from Sydney to their leak site. They have not posted any data at time of reporting.
If you found this useful, or have any suggestions/edits/additions or want to know more please reach out to our X (Twitter) accounts :
