Security advisories and bulletins Incident response Threat processing Compromise evidence collection and data distribution
2.1. Security advisories and bulletins
AusCERT distributes security advisories and bulletins to its members by email and publishes a portion of them to its public website. Bulletins are published in a standardised format with a consistent approach to classifications of vulnerabilities, impacts and affected operating systems. During 2014, 2519 External Security Bulletins ESBs and 146 AusCERT Security Bulletins ASBs were published. This represents a 34 increase overall when compared with 2013 tallies. The increase is largely due to the widespread vulnerabilities in OpenSSL based products, affecting many different vendors. The ESBs are made publicly available immediately however the ASBs are available to members only for a period of one month after release, beyond which time they are made public.2.2. Incident response
AusCERT coordinates incident response on behalf of its members and generates pro-active reports of incident activity, based on its data collection activities. Weekly, AusCERT provides a report to each of its members that details activity that affected the member for that week. 162.3. Threat processing
AusCERT provides a Malicious URL Feed to members only, containing the output of AusCERT’s processing of malware, phishing and other dangerous URLs. This feed is as accurate as possible, as each entry is checked by an analyst instead of relying on automated pattern matching. Additionally malware samples are automatically compared against multiple vendors’ detection engines using the Virus Total service, and those samples achieving poor detection rates are submitted to as many AV vendors as possible for inclusion in signatures.2.4. Compromise evidence collection and data distribution
AusCERT notifies members of compromise of their web sites, hosts and accounts based on data collected using in-house expertise and analytics from open source data. 172.5. Phishing take down service
Parts
» Objectives and Scope of Activities
» APCERT Members APCERT Annual Report 2014
» Working Groups WG APCERT Website
» International Activities and Engagements
» BruCERT Establishment BruCERT Workforce BruCERT Constituents
» Encounter and infection rate trends
» Malicious websites Summary of BruCERT Honey Pot Project
» Establishment Workforce power Constituency
» Drills Meetings Presentations Publications – Cyber alerts, advisories and strategies
» Incident handling Reports Abuse Statistics Incident Trends
» Cyber Security Assurance initiatives Future projects
» Introduction Establishment Workforce power Constituency Contact Incident handling
» Internet Awareness 1. Malware Activities Website Security
» Mobile Awareness Conferences Achievements 1. Publications
» Introduction EC-CERT Services Achievements 1. Publications
» About ID-CERT Introduction APCERT Annual Report 2014
» Abuse Statistic New Service Etc
» Establishment Management and Staffs Constituencies and Stakeholders Main activities:
» Drills About JPCERTCC Establishment
» About KrCERTCC Introduction About MNCERTCC Introduction
» Statistics Activities Operations 1. Incident handling reports
» Drill Seminars Events organized co-organized 1. Competition
» Incident handling reports Abuse statistics
» Training Drills Seminars Publication. Sensors
» Activities About MOCERT Introduction
» Threats About MOCERT Introduction
» Incident trends About MOCERT Introduction
» Training Education Drills Seminars Presentations
» Future plan About MOCERT Introduction
» The Cyber999 Malware Research Centre MRC Constituency
» Cyber Drills Trainings Presentations Tools Developed Paper Publication
» MyCERT’s Activities Operation 1. Incident handling reports and abuse statistics Working Visits
» Memorandum of Understanding MoU New Partnership and Existing Cooperation
» Incident handling reports The Telecommunications Intercept Capability and Security Act TICSA
» Training Drills Publications About MOCERT Introduction
» Activity Summary About SingCERT Introduction
» Incident Handling Statistics About SingCERT Introduction
» Training Education Consultancy About SingCERT Introduction
» Seminars Workshops About SingCERT Introduction
» Publications Other Media Certification Membership MOUs
» Event Participation International Incident Coordination
» Future Plans Conclusion Activities Operations 1. Abuse statistics
» Security Vulnerability Announcement Spam Analysis Report Anti-Phishing Now
» MoU International Collaboration APCERT Annual Report 2014
» Establishment Workforce Power Mission and Constituency
» Incident Handling Government Information Sharing and Analysis Center Training
» Drills Conference Presentation Publication Incident Report
» International Organization Membership Participation to International Events MOU
Show more