All archived alerts and advisories Title TypeAdvisoryAlert StatusCRITICALHIGHMEDIUMLOW AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 23 Dec 2021 Alert rating: High Use of Log4j vulnerabilities in ransomware activity The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) expects an increase in ransomware activity using Log4j as an exploit vector. Malicious actors may take advantage of trivial exploits to impact Australian organisations. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 23 Dec 2021 Advisory Mitigating Log4Shell and Other Log4j-Related Vulnerabilities Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 21 Dec 2021 Alert rating: Critical Critical remote code execution vulnerability found in the Log4j library A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 10 Dec 2021 Alert rating: Medium Conti ransomware incidents in Australia Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 08 Dec 2021 Alert rating: High Zoho ManageEngine ServiceDesk Plus & Desktop Central remote code execution vulnerabilities Vulnerabilities have been identified in certain versions of Zoho ManageEngine ServiceDesk Plus and Desktop Central product suites. Australian organisations using vulnerable Zoho ManageEngine products should apply the available patch. Audience focus: Small & medium businesses Organisations & Critical Infrastructure Government 22 Nov 2021 Advisory Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government Pagination Previous page ‹‹ Page 7 Next page ›› Alerts and Advisories View our recent alerts and advisories Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary
