You are here Home About the ACSC View all content Alerts & Advisories Alerts and advisories Find the latest in cyber security alerts and advice Top alerts and advisories 15 Jun 2022Alert rating CRITICALCritical alert ratingA critical alert is a cyber security vulnerability where people should take immediate (same day) action. The vulnerability is trivial to exploit, with Proof of Concept (PoC) available. There are generally no mitigating factors available, and the impact is widespread among customers. The ACSC may also be aware of active targeting by malicious cyber actors. Critical alerts refer to vulnerabilities that are (or strongly suspected will be) affecting Australia.Exploitation of Microsoft Office vulnerability: FollinaThe ACSC is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action. 05 Jun 2022Alert rating CRITICALCritical alert ratingA critical alert is a cyber security vulnerability where people should take immediate (same day) action. The vulnerability is trivial to exploit, with Proof of Concept (PoC) available. There are generally no mitigating factors available, and the impact is widespread among customers. The ACSC may also be aware of active targeting by malicious cyber actors. Critical alerts refer to vulnerabilities that are (or strongly suspected will be) affecting Australia.Remote code execution vulnerability present in Atlassian Confluence Server and Data CenterA critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. ACSC recommends organisations restrict internet… 24 May 2022Alert rating HIGHHigh alert ratingA high alert is a cyber security vulnerability where people should act quickly (within 48 hours). There are generally no mitigating factors available, and the impact is widespread amongst customers. Impacts are estimated to be lower than a critical alert. High alerts refer to vulnerabilities that might affect Australia.Multiple vulnerabilities present in VMware productsThe ACSC is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action. All alerts and advisories Status StatusCRITICALHIGHMEDIUMLOW Type TypeAdvisoryAlert Audience AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Title Date updatedTitle AscDesc Items per page 6121824- All - 28 Apr 2022Alert rating 2022-02: Australian organisations should urgently adopt an enhanced cyber security posture Entities should follow ACSC advice and act on improving their resilience within a heightened threat environment. 28 Apr 2022Alert rating 2021 Top Routinely Exploited Vulnerabilities This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited. 14 Apr 2022Alert rating 2022-004: ACSC Ransomware Profile – ALPHV (aka BlackCat) ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. 04 Apr 2022Alert rating HIGH High alert rating A high alert is a cyber security vulnerability where people should act quickly (within 48 hours). There are generally no mitigating factors available, and the impact is widespread amongst customers. Impacts are estimated to be lower than a critical alert. High alerts refer to vulnerabilities that might affect Australia. Multiple vulnerabilities present in the Spring Framework for Java The ACSC is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities… 30 Mar 2022Alert rating HIGH High alert rating A high alert is a cyber security vulnerability where people should act quickly (within 48 hours). There are generally no mitigating factors available, and the impact is widespread amongst customers. Impacts are estimated to be lower than a critical alert. High alerts refer to vulnerabilities that might affect Australia. Remote code execution vulnerability present in Sophos Firewall A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the… 28 Mar 2022Alert rating HIGH High alert rating A high alert is a cyber security vulnerability where people should act quickly (within 48 hours). There are generally no mitigating factors available, and the impact is widespread amongst customers. Impacts are estimated to be lower than a critical alert. High alerts refer to vulnerabilities that might affect Australia. Australian organisations encouraged to urgently adopt an enhanced cyber security posture Australian organisations are encouraged to urgently adopt an enhanced cyber security posture. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened… Pagination Previous page ‹‹ Page 2 Next page ›› Think you might be impacted? Cybercrime is the use of a computer or online network to commit crimes such as fraud, online image abuse, identity theft or threats and intimidation. You can report cybercrime to the police via ReportCyber. Never miss a threat Sign up for the latest cyber security alerts and get weekly info on threats, how to keep yourself secure, and cyber news Your name Email reCAPTCHAv3 Validation Response Was this information helpful? Was this information helpful? Yes No Thanks for your feedback! Thanks for your feedback! Optional Tell us why this information was helpful and we’ll work on making more pages like it Watch out for new threats Learn how to identify common cyberattacks and defend yourself against them. Set up and perform regular backups Learn how to make a copy of your files so you don't lose valuable data.