Have I Been Pwned to monitor govt domains
All Australian and UK Government domains will be monitored for security breaches and data leaks using the Have I Been Pwned (HIBP) website.
Australian security expert Troy Hunt, creator of the website, has revealed in a blog post that the Australian Cyber Security Centre (ACSC) and its UK counterpart the National Cyber Security Centre (NCSC) have arranged to conduct centralised monitoring over the website.
HIBP was originally established to allow email users to check their addresses against public data dumps of compromised emails and passwords.
While a number of Australian Government departments of all sizes had been using the service, all the searches had been running independently, resulting in a lot of duplication of effort, Hunt said.
With the centralised service, the ACSC will be able to monitor all .gov.au domains plus a whitelisted set of other government-owned domains on different top-level domains, such as csiro.au.
Hunt will also provide the existing notification service that paid commercial subscribers have access to, which automatically alerts subscribers when one of their domains is detected in a new data breach or paste within minutes of the new information being added to the database. This will be provided to the Australian and British governments free of charge.
ACSC releases new guidance on bulletproof hosting providers
The ACSC has released new guidance on defence against potential cybercriminal activity enabled by...
IT security governance still lacking for many NSW agencies: report
A recent audit report finds there are still significant deficiencies in IT controls and...
Cisco devices still being exploited by BADCANDY since 2023
The ACSC has warned that cyber actors are still installing an implant dubbed 'BADCANDY'...
