Have I Been Pwned to monitor govt domains
All Australian and UK Government domains will be monitored for security breaches and data leaks using the Have I Been Pwned (HIBP) website.
Australian security expert Troy Hunt, creator of the website, has revealed in a blog post that the Australian Cyber Security Centre (ACSC) and its UK counterpart the National Cyber Security Centre (NCSC) have arranged to conduct centralised monitoring over the website.
HIBP was originally established to allow email users to check their addresses against public data dumps of compromised emails and passwords.
While a number of Australian Government departments of all sizes had been using the service, all the searches had been running independently, resulting in a lot of duplication of effort, Hunt said.
With the centralised service, the ACSC will be able to monitor all .gov.au domains plus a whitelisted set of other government-owned domains on different top-level domains, such as csiro.au.
Hunt will also provide the existing notification service that paid commercial subscribers have access to, which automatically alerts subscribers when one of their domains is detected in a new data breach or paste within minutes of the new information being added to the database. This will be provided to the Australian and British governments free of charge.
Half of government agencies falling short on email security measures: report
Lack of consistency across Australian Government bodies leaves critical vulnerabilities in the...
CISA and Microsoft warn of “active attacks” on SharePoint
Alerts have been published active attacks exploiting a remote code execution vulnerability in...
NSW Government agencies have ineffective cybersecurity controls: report
The Audit Office of New South Wales has found that NSW Government agencies still have minimal...
