Threat Landscape Dashboard

Assessing today's threats and the relationships between them

Operation Australia

Australian governments and companies are being targeted by a sophisticated, possibly state-based, actor. The actor is making heavy use of proof-of-concept exploit code, web shells and other open source tools. The most prevalent method of initial access in these attacks has been identified as being the exploitation of public-facing infrastructure. The actors are actively exploiting known vulnerabilities in Telerik UI (CVE-2019-18935), Citrix (CVE-2019-19781) and SharePoint (CVE-2019-0604).
Name Modified Date Sources
Operation Australia 2020-06-19