All archived alerts and advisories Title TypeAdvisoryAlert StatusCRITICALHIGHMEDIUMLOW AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 09 May 2022 Alert rating: High Multiple vulnerabilities present in F5 products The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action. Audience focus: Organisations & Critical Infrastructure Government 28 Apr 2022 Advisory 2021 Top Routinely Exploited Vulnerabilities This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited. Audience focus: Organisations & Critical Infrastructure Government 28 Apr 2022 Advisory 2022-02: Australian organisations should urgently adopt an enhanced cyber security posture Entities should follow ACSC advice and act on improving their resilience within a heightened threat environment. Audience focus: Organisations & Critical Infrastructure 14 Apr 2022 Advisory 2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 04 Apr 2022 Alert rating: High Multiple vulnerabilities present in the Spring Framework for Java The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 30 Mar 2022 Alert rating: High Remote code execution vulnerability present in Sophos Firewall A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government Pagination Previous page ‹‹ Page 4 Next page ›› Alerts and Advisories View our recent alerts and advisories Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary
