A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. Organisations should restrict internet access to and from affected devices.
Multiple vulnerabilities present in VMware products
The ACSC is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Multiple vulnerabilities present in F5 products
The ACSC is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action.
Multiple vulnerabilities present in the Spring Framework for…
ACSC is aware of media reporting relating to multiple potential vulnerabilities, including the vulnerability identified as ‘Spring4Shell’ or ‘SpringShell’, in the Spring Framework for Java and its execution environments. These vulnerabilities pose a threat to…
Remote code execution vulnerability present in Sophos Firewall
A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
New domain name changes could leave your business or organisation…
The new domain name category, could leave your business or organisation open to fraudulent cyber activity. Register your .au domain name before it becomes available to the general public.
Australian organisations encouraged to urgently adopt an enhanced…
Australian organisations are encouraged to urgently adopt an enhanced cyber security position. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment.
Australian organisations encouraged to urgently adopt an enhanced…
Australian organisations should urgently adopt an enhanced cybersecurity posture. Entities should follow ACSC advice and act on improving their resilience with the cyber threat heightened.
Critical vulnerability identified in Apple iOS and macOS
A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.