Vulnerabilities affecting a Bluetooth chipset present in more than two dozen audio devices from ten vendors can be exploited for eavesdropping or stealing sensitive information. Researchers confirmed that 29 devices from Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel are affected. The list of impacted products includes speakers, earbuds, headphones, and wireless
News | Cyber.gov.au
Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.
Let’s Encrypt ends certificate expiry emails to cut costs, boost privacy
Let’s Encrypt has announced it will no longer notify users about imminent certificate expirations via email due to high costs, privacy concerns, and unnecessary complexities. The decision to end the expiration notification email service was implemented as of June 4, 2025, but Let’s Encrypt has now communicated it via a blog post to raise awareness
Reports and statistics | Cyber.gov.au
Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.
Scattered Spider hackers shift focus to aviation, transportation firms
Hackers associated with “Scattered Spider” tactics have expanded their targeting to the aviation and transportation industries after previously attacking insurance and retail sectors These threat actors have employed a sector-by-sector approach, initially targeting retail companies, such as M&S and Co-op, in the United Kingdom and the United States and subsequently shifting their focus to insurance companies.
Advice, guidance and publications | Cyber.gov.au
Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.
Brother printer bug in 689 models exposes default admin passwords
A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. The flaw, tracked under CVE-2024-51978, is part of a set
Alerts and advisories | Cyber.gov.au
09 Apr 2025 Advisory BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the
British hacker ‘IntelBroker’ charged with $25M in cybercrime damages
A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from victims worldwide, causing an estimated $25 million in damages. The indictment, revealed today by the U.S. Attorney’s Office for the Southern District of New York, accuses Kai West, a 25-year-old British man, of using the handle
Exploitation of existing Fortinet Vulnerabilities
This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices