Search

DDoS threats being made against Australian organisations   Alert

May 25, 2020 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.

Avaddon Ransomware   Alert

May 8, 2021 - Increase in Avaddon ransomware attacks in Australia.

Processors can be exploited by Meltdown and Spectre vulnerabilities   Alert

Jan 29, 2020 - Security researchers have developed methods involving speculative execution to read kernel memory from user space on a variety of processors from a range of vendors produced in the last decade. These methods have been referred to as Meltdown and Spectre.

SDBBot targeting health sector   Alert

Nov 12, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

High Severity vulnerability present in OpenSSL version 3.x   Alert

Nov 2, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.

Netlogon elevation of privilege vulnerability (CVE-2020-1472)   Alert

Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.

Active exploitation of vulnerable MobileIron products   Alert

Sep 18, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of vulnerabilities in multiple MobileIron products by malicious cyber actors, including sophisticated state-based actors.

TMUI remote code execution vulnerability - CVE-2020-5902   Alert

Jul 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability.

Conti ransomware incidents in Australia   Alert

Dec 10, 2021 - Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.

Multiple Vulnerabilities in Atlassian Confluence Data Center and Server   Alert

Nov 1, 2023 - ASD’s ACSC has received information on multiple vulnerabilities in Atlassian’s Confluence Data Center and Server (CVE-2023-22515 & CVE-2023-22518). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.

VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972)   Alert

Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.

Critical vulnerability identified in Apple iOS and macOS   Alert

Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.

Increased Global Ransomware Threats   Alert

Feb 10, 2022 - In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.

Malicious actors deploying Gootkit Loader on Australian Networks   Alert

Aug 27, 2021 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks.

LockBit 2.0 ransomware incidents in Australia   Alert

Aug 5, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia.

Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices   Alert

Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.

Microsoft Releases Security Updates for Microsoft Edge Browser   Alert

Jun 30, 2021 - On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.

Google Releases Security Updates for Chrome Browser   Alert

Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.

Critical vulnerability present in certain versions of Microsoft Excel   Alert

Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.