SonicWall devices are being targeted by a malicious cyber actor as targets for ransomware. The ACSC is aware of likely related activity targeting Australian organisations.
Cybercriminals targeting construction companies to conduct email scams
Cybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.
Kaseya VSA Supply-Chain Ransomware Attack
The ACSC has observed reporting that ransomware group REvil is exploiting vulnerable instances of Kaseya VSA globally. Kaseya VSA is a platform that provides endpoint management and network monitoring.
Microsoft Releases Security Updates for Microsoft Edge Browser
On June 24, 2021 Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.
Google Releases Security Updates for Chrome Browser
On June 17, 2021 Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Multiple high severity vulnerabilities discovered in the Exim…
Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The ACSC strongly recommends applying available patches.
Avaddon Ransomware
Increase in Avaddon ransomware attacks in Australia.
Potential exploitation of Click Studio’s PasswordState software
On 24 April 2021, Australian software company Click Studios announced a compromise of the software update process for their enterprise password management software PasswordState, used by organisations in Australia and globally.
Exploitation of Pulse Connect Secure Vulnerabilities
New advice for mitigating Pulse Connect Secure Virtual Private Network (VPN) vulnerabilities