Author: Intel_0118

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

09 Apr 2025 Advisory BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the

This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices

This alert is relevant to large Australian businesses, organisations, and government. This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services. Background ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM: CVE-2025-4427: Medium severity Authentication Bypass CVE-2025-4428: High severity Remote Code Execution When chained

Executive summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff

Actions to take today to mitigate cyber threats from Play ransomware: Prioritize remediating known exploited vulnerabilities. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. Regularly patch and update software and applications to their latest versions and conduct regular vulnerability assessments. Summary Note:

The ASD’s ACSC is aware of cybercriminals claiming to be us through emails and phone calls, as well as falsely claiming our endorsement of products or services. The content of the scam emails and phone calls vary, but typically ask you to give personal information (such as passwords or bank details), money or ask you

Citrix have identified critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway  Products (CVE-2025-5349 and CVE-2025-5777). ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Citrix Security Advisory This alert has been written primarily for; but is not limited to, business and government. This alert is intended