All archived alerts and advisories Title TypeAdvisoryAlert StatusCRITICALHIGHMEDIUMLOW AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 14 Sep 2021 Alert rating: High Remote code execution vulnerability present in the MSHTML component of Microsoft Windows A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 10 Sep 2021 Alert rating: Medium Suspected user credentials stolen from FortiNet devices leaked online A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users. Audience focus: Organisations & Critical Infrastructure Government 01 Sep 2021 Alert rating: High Remote code execution vulnerability present in certain versions of Atlassian Confluence A vulnerability exists in certain self-hosted versions of Atlassian Confluence which could allow a malicious cyber actor to execute arbitrary code. Affected organisations should apply the available patch to mitigate this vulnerability. Audience focus: Organisations & Critical Infrastructure Government 30 Aug 2021 Alert rating: Medium Property-related business email compromise scams rising in Australia Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods. Audience focus: Individuals & families Small & medium businesses Organisations & Critical Infrastructure Government 27 Aug 2021 Alert rating: Medium Malicious actors deploying Gootkit Loader on Australian Networks Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks. Audience focus: Organisations & Critical Infrastructure Government 27 Aug 2021 Advisory 2021-009: Malicious actors deploying Gootkit Loader on Australian Networks From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available. Audience focus: Organisations & Critical Infrastructure Government Pagination Previous page ‹‹ Page 10 Next page ›› Alerts and Advisories View our recent alerts and advisories Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary
