All archived alerts and advisories Title TypeAdvisoryAlert StatusCRITICALHIGHMEDIUMLOW AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 10 Feb 2022 Alert rating: Medium Increased Global Ransomware Threats In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 04 Feb 2022 Alert rating: High Remote code execution vulnerability present in Samba versions prior to 4.13.17 A vulnerability (CVE-2021-44142) has been identified in Samba versions prior to 4.13.17. Exploitation of this vulnerability could allow a malicious cyber actor to perform privileged remote code execution. Affected Australian organisations should apply the available patch, including affected software vendors. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 19 Jan 2022 Alert rating: High Remote code execution vulnerability present in SonicWall SMA 100 series appliances A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 19 Jan 2022 Alert rating: Medium Phone and email scammers impersonating the ASD's ACSC The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer. Audience focus: Individuals & families 07 Jan 2022 Advisory Log4j: What Boards and Directors Need to Know Log4j is a software library used as a building block found in a wide variety of Java applications. The Log4j vulnerability – otherwise known as Log4Shell – is trivial to exploit, and represents a significant business continuity risk. This publication outlines what Boards and Directors need to know in order to protect their businesses. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 29 Dec 2021 Advisory 2021-007: Log4j vulnerability – advice and mitigations On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government Pagination Previous page ‹‹ Page 6 Next page ›› Alerts and Advisories View our recent alerts and advisories Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary
