NPD4n6: Nicks DFIR blog

1. Log4J – A 2021 technically but worth mentioning as a result of the spill over to 2022
   • ACSC: https://www.cyber.gov.au/acsc/view-all-content/advisories/2021-007-log4j-vulnerability-advice-and-mitigations
2. Okta breach – breach to Okta systems via support staff resulting in the breach to MFA for various organisations.
   • Okta CEO’s post: https://www.okta.com/blog/2022/03/oktas-investigation-of-the-january-2022-compromise/
3. Optus breach – biggest telco breach impacted ~11M Australians
   • Optus media release: https://www.optus.com.au/about/media-centre/media-releases/2022/09/optus-notifies-customers-of-cyberattack
4. MediBank Private breach – the biggest healthcare related cyber breach in Australian history
   • Medibank timeline: https://www.medibank.com.au/health-insurance/info/cyber-security/timeline/

I’m sure there is more I’m forgetting, I might add as time goes on.