A total of 689 printer models from Brother, along with 53 other models from Fujifilm, Toshiba, and Konica Minolta, come with a default administrator password that remote attackers can generate. Even worse, there is no way to fix the flaw via firmware in existing printers. The flaw, tracked under CVE-2024-51978, is part of a set
Alerts and advisories | Cyber.gov.au
09 Apr 2025 Advisory BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the
Tech execs enlist in Army Reserve for new innovation detachment
Soldiers take part in a human-machine integration demonstration at Fort Irwin, California, March 2024. (Spc. Samarion Hicks/U.S. Army) Four Silicon Valley technology executives from major companies are joining the U.S. Army Reserve as officers to inject the speed and expertise of commercial technology development into military innovation through the newly established Detachment 201, an Executive
British hacker ‘IntelBroker’ charged with $25M in cybercrime damages
A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from victims worldwide, causing an estimated $25 million in damages. The indictment, revealed today by the U.S. Attorney’s Office for the Southern District of New York, accuses Kai West, a 25-year-old British man, of using the handle
Exploitation of existing Fortinet Vulnerabilities
This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices
Army expanding ‘Transformation in Contact’ initiative to Army Guard
Spc. Anton Lane, a combat medic with specialized drone training, assigned to 5-7 Cavalry 3rd Infantry Division, puts away a Skydio X10E4TT drone as part of a Transformation in Contact exercise. (Sgt. Samantha Hill/Army) The Army’s ongoing brigade modernization program is headed to the Guard. Army Chief of Staff Gen. Randy George told members of
SonicWall warns of trojanized NetExtender stealing VPN logins
SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. The fake software, which was discovered by SonicWall’s and Microsoft Threat Intelligence (MSTIC) researchers, mimics the legitimate NetExtender v10.3.2.27, the latest available version. The malicious installer file is hosted on a spoofed website
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM)
This alert is relevant to large Australian businesses, organisations, and government. This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services. Background: ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM: CVE-2025-4427 (Medium severity Authentication Bypass) and CVE-2025-4428 (High severity Remote Code Execution). When chained
US Homeland Security warns of escalating Iranian cyberattack risks
The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. This warning was issued as a National Terrorism Advisory System bulletin on Sunday and cautions that the Iranian conflict is causing a “heightened threat environment” in the United States, with “low-level” cyberattacks targeting
Russian GRU targeting Western logistics entities and technology companies
Executive summary This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff