The Australian federal government advised of a sophisticated cyber attack targeting Australian organisations across a range of sectors, including all levels of government, industry, political organisations, education, health, essential service providers, and operators of other critical infrastructure.
The Prime Minister's office said it is convinced that a state-based cyber actor is involved because of the scale and nature of the targeting and the tradecraft used.
The attack leverages a number of initial access vectors, with the most prevalent being the exploitation of public-facing infrastructure — primarily through the use of remote code execution vulnerability in unpatched versions of Telerik UI.
https://www.cyber.gov.au/threats/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks
