ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises

Original release date: June 22, 2020

The Australian Cyber Security Centre (ACSC) has released an advisory regarding an ongoing cyber campaign involving “copy-paste compromises” targeting Australian government and commercial networks. According to the advisory, a sophisticated malicious cyber actor is carrying out the campaign using open-source code that exploits known remote code execution vulnerabilities and spearphishing attacks.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the tactics, techniques, and procedures and mitigations identified in ASCS Advisory 2020-008 as well as:

This product is provided subject to this Notification and this Privacy & Use policy.