Category: Advisories

HomeAdvisories

TOP Routinely Exploited Vulnerabilities (AA21-209A)

Background Cyber actors continue to exploit publicly known—and often dated—software vulnerabilities against broad target sets, including public and private sector organizations worldwide. However, entities worldwide can mitigate the vulnerabilities listed in this report by applying the available patches to their...

Continue Reading  

Head in the Clouds: Aussie Businesses Experiencing Rise in Serious Data Breaches

From 22 February 2018, it became a requirement for certain data breaches, known as “eligible data breaches”, to be notified to the Australian Privacy Commissioner and affected individuals. Previously, it was not mandatory to supply notification of data breaches. A...

Continue Reading  

APT Actors Exploiting Fortinet Vulnerabilities to Gain Access for Malicious Activity (MI-000148-MW)

The FBI is continuing to warn about Advanced Persistent Threat (APT) actors exploiting Fortinet vulnerabilities. As of at least May 2021, an APT actor group almost certainly exploited a Fortigate appliance to access a webserver hosting the domain for a...

Continue Reading  

APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks (AA21-092A)

In March 2021 it was observed Advanced Persistent Threat (APT) actors scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379, and enumerated devices for CVE-2020-12812 and CVE-2019-5591. It is likely that the APT actors are scanning for these vulnerabilities...

Continue Reading