All archived alerts and advisories Title TypeAdvisoryAlert StatusCRITICALHIGHMEDIUMLOW AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 14 Jul 2020 Advisory 2020-011: Critical Vulnerability in SAP NetWeaver Application Server (CVE-2020-6287) The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends users of these products urgently apply available security patches to prevent an adversary from exploiting this vulnerability. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 06 Jul 2020 Alert rating: Medium TMUI remote code execution vulnerability - CVE-2020-5902 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability. Audience focus: Organisations & Critical Infrastructure 25 May 2020 Alert rating: High DDoS threats being made against Australian organisations Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector. Audience focus: Organisations & Critical Infrastructure Government 22 May 2020 Alert rating: High Active exploitation of vulnerability in Microsoft Internet Information Services The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware that sophisticated actors are actively exploiting a deserialisation vulnerability existing in all versions of Microsoft’s Internet Information Services (IIS) using the .NET framework (.NET). The vulnerability exploits the service’s VIEWSTATE parameter to allow for remote code execution by unauthorised users. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 22 May 2020 Alert rating: High COVID-19 malicious cyber activity Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 22 May 2020 Advisory Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory. Audience focus: Organisations & Critical Infrastructure Government Pagination Previous page ‹‹ Page 18 Next page ›› Alerts and Advisories View our recent alerts and advisories Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary