Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.
Advice, guidance and publications | Cyber.gov.au
Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.
Alerts and advisories | Cyber.gov.au
09 Apr 2025 Advisory BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the
Exploitation of existing Fortinet Vulnerabilities
This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM)
This alert is relevant to large Australian businesses, organisations, and government. This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services. Background ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM: CVE-2025-4427: Medium severity Authentication Bypass CVE-2025-4428: High severity Remote Code Execution When chained
Russian GRU targeting Western logistics entities and technology companies
Executive summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff
#StopRansomware: Play ransomware | Cyber.gov.au
Actions to take today to mitigate cyber threats from Play ransomware: Prioritize remediating known exploited vulnerabilities. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. Regularly patch and update software and applications to their latest versions and conduct regular vulnerability assessments. Summary Note:
Scammers impersonating the ASD’s ACSC
The ASD’s ACSC is aware of cybercriminals claiming to be us through emails and phone calls, as well as falsely claiming our endorsement of products or services. The content of the scam emails and phone calls vary, but typically ask you to give personal information (such as passwords or bank details), money or ask you
Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products
Citrix have identified critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products (CVE-2025-5349 and CVE-2025-5777). ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Citrix Security Advisory This alert has been written primarily for; but is not limited to, business and government. This alert is intended