A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to…

Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.

A vulnerability exists in certain versions of Apache Log4j2 library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Affected Australian organisations should apply the available patch.

Vulnerabilities have been identified in certain versions of Zoho ManageEngine ServiceDesk Plus and Desktop Central product suites. Australian organisations using vulnerable Zoho ManageEngine products should apply the available patch.

A vulnerability (CVE-2021-44077) has been identified in certain versions of Zoho ManageEngine ServiceDesk Plus. Exploitation of this vulnerability could allow an unauthenticated cyber actor to perform remote code execution on an unpatched system. A cyber…

FBI and CISA have observed an Iranian government-sponsored APT group that are exploiting vulnerabilities to gain access to systems. The APT group has exploited the same Microsoft Exchange vulnerability in Australia.

Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.

There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisation should apply the available security update.