Category: ASD

This alert has been written for the IT teams of organisations and government. Background  / What has happened? ASD’s ACSC is aware of a vulnerability impacting Microsoft Office SharePoint Server products (CVE-2025-53770). CVE-2025-53770 involves the deserialisation of untrusted data in on-premises Microsoft SharePoint Servers allowing an unauthorised attacker to execute code over a network.  Microsoft is

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

A AACA ASD-Approved Cryptographic Algorithm AACP ASD-Approved Cryptographic Protocol ACA Australasian Certification Authority Access control The process of granting or denying requests for access to systems. Can also refer to the process of granting or denying requests for access to facilities. Access Cross Domain Solution A system permitting access to multiple security domains from a

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

Acknowledgement of Country We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia’s First Peoples’ enduring contribution to Australia’s national security.

09 Apr 2025 Advisory BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the

This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices

This alert is relevant to large Australian businesses, organisations, and government. This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services. Background ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM: CVE-2025-4427: Medium severity Authentication Bypass CVE-2025-4428: High severity Remote Code Execution When chained