On 24 April 2021, Australian software company Click Studios announced a compromise of the software update process for their enterprise password management software PasswordState, used by organisations in Australia and globally.
Advanced Persistent Threat actors targeting historic Fortinet vulnerabilities
Microsoft identifies malicious actors exploiting Microsoft Exchange server vulnerabilities
ANSSI identifies campaign targeting Centreon system monitoring software
SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.
ACSC identified Australian organisations may have been impacted the Accellion File Transfer Appliance vulnerability and has provided mitigation recommendations.
FireEye identifies global campaign leveraging malicious updates to SolarWinds software.
Scammers purporting to be from ACSC are calling and emailing Australians and attempting to trick them into installing malicious software on personal devices.
The ACSC has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).