(1300 292 371)
You can view all our alerts from this page. Use the filters below to filter by audience type, title and summary and the sort options to sort for the most recently updated or published content.
06 Feb 2020 - Alert status: HIGH
2020-003: Mailto ransomware incidents
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.
29 Jan 2020 - Alert status: HIGH
Processors can be exploited by Meltdown and Spectre vulnerabilities
Security researchers have developed methods involving speculative execution to read kernel memory from user space on a variety of processors from a range of vendors produced in the last decade. These methods have been referred to as Meltdown and Spectre.
15 Jan 2020 - Alert status: CRITICAL
2020-002: Critical vulnerabilities for Microsoft Windows
On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.
13 Jan 2020 - Alert status: CRITICAL
Active exploitation of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.
05 Aug 2019 - Alert status: HIGH
2019-130: Password spray attacks
The Australian Cyber Security Centre (ACSC) is aware of a high volume of ongoing password spray attacks targeting Australian organisations.
30 Jul 2019 - Alert status: HIGH
Link to ICS-CERT alerts from the US Department of Homeland Security
03 Jul 2019 - Alert status: HIGH
2019-009: Securing unprotected network and data services
The Australian Cyber Security Centre (ACSC), the cyber defensive component of the Australian Signals Directorate (ASD), has observed a large number of unprotected network and database/storage services hosted on Australian Internet Protocol (IP) address ranges.
06 Jun 2019 - Alert status: HIGH
Microsoft Windows security vulnerability – ‘BlueKeep’ (CVE-2019-0708)
CVE-2019-0708, also known as ‘BlueKeep’ leaves users open to attack from malicious actors who can exploit a vulnerability via Remote Desktop Services (RDS) on legacy versions of the Windows operating system.
06 May 2019 - Alert status: MEDIUM
Microsoft SharePoint CVE-2019-0604
The ACSC is aware of malicious cyber actors successfully exploiting a Microsoft SharePoint vulnerability in order to implant web shells on compromised hosts.
15 Mar 2019 - Alert status: MEDIUM
773M accounts affected by 'Collection #1' breach
The Australian Cyber Security Centre (ACSC) is aware of a significant data breach affecting 773 million email addresses and usernames.
29 Sep 2018 - Alert status: MEDIUM
Facebook security issue affects 50M user accounts
The ACSC is aware of a security issue affecting 50 million Facebook user accounts whereby a flaw in the 'View As' feature allowed attackers to steal Facebook access tokens, which could be used to take over user's accounts. Access tokens are the equivalent of digital keys that allow users to remain logged into Facebook.
01 Jul 2018 - Alert status: CRITICAL
Vulnerability in the Drupal content management system
The ACSC has become aware of a critical vulnerability in the Drupal content management system. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.
17 Apr 2018 - Alert status: HIGH
Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors
Russian state-sponsored actors are responsible for activity targeting Cisco devices using the Smart Install feature worldwide, including Australia.
15 Nov 2015 - Alert status: HIGH
Web shells being used as attack vectors on networks
This alert highlights the frequent use of web shells as an exploitation vector. Web shells can be used to leverage unauthorised access and can lead to wider network compromise.
1300 CYBER1(1300 292 371)