View all alerts

01 Dec 2022 - Alert status: MEDIUM

Medibank Private Cyber Security Incident

ASD’s Australian Cyber Security Centre is working closely with Medibank Private following the recent incident.

02 Nov 2022 - Alert status: HIGH

High Severity vulnerability present in OpenSSL version 3.x

The Australian Cyber Security Centre (ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.

11 Oct 2022 - Alert status: CRITICAL

Remote code execution vulnerability present in vm2 sandbox

The ACSC is aware of a remote code execution vulnerability in vm2 sandbox versions prior to 3.9.11. Affected Australian organisations should apply the available patch immediately.

30 Sep 2022 - Alert status: MEDIUM

Optus Data Breach

To help protect against fraud, Optus has notified customers to look to reputable sources such as Moneysmart and the Office of the Australian Information Commissioner.

08 Aug 2022 - Alert status: LOW

Are you ready for Australian domain name changes?

Australians have until 20 September 2022 to seek priority allocation of an .au direct domain name that matches their existing domain name.

15 Jun 2022 - Alert status: CRITICAL

Exploitation of Microsoft Office vulnerability: Follina

The ACSC is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

12 Feb 2022 - Alert status: CRITICAL

Critical vulnerability identified in Apple iOS and macOS

A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.

19 Jan 2022 - Alert status: MEDIUM

Phone and email scammers impersonating the ACSC

The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.

23 Dec 2021 - Alert status: HIGH

Use of Log4j vulnerabilities in ransomware activity

The ACSC expects an increase in ransomware activity using Log4j as an exploit vector. Malicious actors may take advantage of trivial exploits to impact Australian organisations.

21 Dec 2021 - Alert status: CRITICAL

Critical remote code execution vulnerability found in the Log4j library

A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.

17 Nov 2021 - Alert status: CRITICAL

Iranian Government-Sponsored APT Cyber Actors

FBI and CISA have observed an Iranian government-sponsored APT group that are exploiting vulnerabilities to gain access to systems. The APT group has exploited the same Microsoft Exchange vulnerability in Australia.

11 Nov 2021 - Alert status: CRITICAL

Critical vulnerability present in certain versions of Microsoft Excel

Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.

13 Oct 2021 - Alert status: HIGH

Multiple key vulnerabilities identified in Microsoft products

Multiple key vulnerabilities were identified in Microsoft’s 12 October 2021 patch release. While all vulnerabilities addressed in this release are important to mitigate the ACSC wishes to highlight several vulnerabilities for priority consideration.

13 Oct 2021 - Alert status: HIGH

Critical vulnerability present in certain versions of Apple iOS and iPadOS

A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.

22 Sep 2021 - Alert status: CRITICAL

Critical vulnerability in certain Hikvision products, IP cameras

A critical vulnerability exists in Hikvision products, including IP cameras, which could allow a cyber actor to take full control of the device. Affected Australian customers should apply an appropriate firmware update provided by Hikvision.

16 Sep 2021 - Alert status: HIGH

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

14 Sep 2021 - Alert status: HIGH

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

14 Sep 2021 - Alert status: HIGH

Critical vulnerabilities present in certain versions of Apple iOS, macOS and Safari

Vulnerabilities have been identified in certain versions of Apple iOS, macOS and Safari which could allow an actor to install malware or perform other actions on a vulnerable device or computer.

30 Aug 2021 - Alert status: MEDIUM

Property-related business email compromise scams rising in Australia

Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods.

06 Jul 2021 - Alert status: MEDIUM

Cybercriminals targeting construction companies to conduct email scams

Cybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.

30 Jun 2021 - Alert status: LOW

Microsoft Releases Security Updates for Microsoft Edge Browser

On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.

21 Jun 2021 - Alert status: HIGH

Google Releases Security Updates for Chrome Browser

On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.

15 Apr 2021 - Alert status: CRITICAL

Exchange server critical vulnerabilities

On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling access to email accounts and to enable further compromise of the Exchange server and associated networks.

01 Oct 2020 - Alert status: HIGH

2019-131a: Emotet malware campaign

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed an ongoing and widespread campaign of malicious emails designed to spread Emotet across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

13 Aug 2020 - Alert status: HIGH

Phone scams impersonating Australian businesses and government agencies

Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.

02 Aug 2020 - Alert status: CRITICAL

Ransomware targeting Australian aged care and healthcare sectors

The ACSC is aware of increased targeting of healthcare, including hospitals and aged care, by ransomware campaigns undertaken by cyber criminals.

16 Jul 2020 - Alert status: HIGH

Increasing reports of myGov-related SMS and email scams targeting Australians

Be on the lookout for myGov-related SMS and email scams asking you to verify your myGov details.

14 Jul 2020 - Alert status: CRITICAL

Critical vulnerability for SAP NetWeaver Application Server (CVE-2020-6287)

On 13 July 2020 (United States EST), enterprise resource planning provider SAP released a security patch for a critical vulnerability affecting the Java component LM Configuration Wizard within the SAP NetWeaver Application Server.

22 May 2020 - Alert status: HIGH

COVID-19 malicious cyber activity

Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

16 Apr 2020 - Alert status: HIGH

Sextortion email campaign impacting Australians

A large number of Australians are being impacted by an email ‘sextortion’ campaign in which the cyber scammers responsible have threatened to release personal and sensitive information to the recipients’ contacts unless the scammer is paid in cash or bitcoin.

06 Feb 2020 - Alert status: HIGH

2020-003: Mailto ransomware incidents

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

15 Jan 2020 - Alert status: CRITICAL

2020-002: Critical vulnerabilities for Microsoft Windows

On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.

13 Dec 2019 - Alert status: HIGH

Australia Post SMS scam targeting Australians

With millions of parcel deliveries expected around the country, Australia Post is seeing widespread scam text (SMS) messages being sent to people, using their brand.

24 Jul 2019 - Alert status: HIGH

Sextortion campaign

The Australian Cyber Security Centre (ACSC) is aware of a sextortion scam email campaign targeting the Australian community.

06 Jun 2019 - Alert status: HIGH

Microsoft Windows security vulnerability – ‘BlueKeep’ (CVE-2019-0708)

CVE-2019-0708, also known as ‘BlueKeep’ leaves users open to attack from malicious actors who can exploit a vulnerability via Remote Desktop Services (RDS) on legacy versions of the Windows operating system.

15 Mar 2019 - Alert status: MEDIUM

773M accounts affected by 'Collection #1' breach

The Australian Cyber Security Centre (ACSC) is aware of a significant data breach affecting 773 million email addresses and usernames.

29 Sep 2018 - Alert status: MEDIUM

Facebook security issue affects 50M user accounts

The ACSC is aware of a security issue affecting 50 million Facebook user accounts whereby a flaw in the 'View As' feature allowed attackers to steal Facebook access tokens, which could be used to take over user's accounts. Access tokens are the equivalent of digital keys that allow users to remain logged into Facebook.