Critical severity vulnerability in Fortinet FortiOS SSL-VPN
The Australian Cyber Security Centre (ACSC) is aware of a heap-based buffer overflow vulnerability in FortiOS…
Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices
The Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability affecting many versions of…
Optus Data Breach
o help protect against fraud, Optus has notified customers to look to reputable sources such as…
Potential vulnerability associated with Microsoft Exchange
The ACSC is aware of a potential vulnerability associated with Microsoft Exchange Server (Exchange). Australian organisations…
Post-Quantum Cryptography
A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography (PKC) insecure, thus making ubiquitous secure communications based on current PKC technology infeasible. The Australian Signals Directorate (ASD) is aware of the risks presented by the creation of a CRQC and encourages organisations to consider anticipating future requirements and dependencies of vulnerable systems during the transition to PQC standards.
Exploitation of Microsoft Office vulnerability: Follina
The ACSC is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support…
Remote code execution vulnerability present in Atlassian Confluence Server and Data Center
A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. Organisations should restrict internet access to and from affected devices.
Exploitation of Microsoft Office vulnerability: Follina
he ACSC is aware of active exploitation of the “Follina” zero-day vulnerability in the Microsoft Support…
Multiple vulnerabilities present in VMware products
The ACSC is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate…
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are…