The Cybersecurity and Infrastructure Security Agency (CISA) is passing through an Australian Cyber Security Centre ASCS Advisory 2020-008 regarding what it believes to be a sustained cyber attack against Australian government and commercial networks involving “copy-paste compromises.” While the attack is being attributed to a sophisticated state-based threat actor, the methods being used are described as nothing more than copying/pasting tools from open source code that exploits known remote code execution vulnerabilities and spearphishing attacks. ACSC and CISA provide the most relevant mitigations to protect against similar attacks and encourages users and administrators to review the tactics, techniques, and procedures identified in ASCS Advisory 2020-008 as well as:

• CISA Security Tip: Questions Every CEO Should Ask About Cyber Risks
• CISA Security Tip: Understanding Patches and Software Updates
• CISA Security Tip: Supplementing Passwords

Access the NCAS post at CISA