Incident Response Solutions – Critical Advisories
Business Email Compromise (BEC)
Government Issued Alerts
27/11/2025 – New wave of widespread supply chain compromise impacting npm ecosystem
28/10/2025 – Critical vulnerability in Microsoft Windows Server Update Service (WSUS)
26/09/2025 – Multiple vulnerabilities affecting Cisco ASA devices
28/08/2025 – China state-sponsored actors target networks globally
21/07/2025 – CVE-2025-53770 and CVE-2025-53771 affecting Microsoft SharePoint
27/06/2025 – CVE-2025-6543 affecting Citrix NetScaler products
27/05/2025 – Guidance for SIEM and SOAR Implementation
6/05/2025 – Primary Mitigations to Reduce Cyber Threats to Operational Technology
12/03/2025 – CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
15/01/2025 – Vulnerability affecting FortiOS and FortiProxy
17/12/2024 – CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services
24/10/2024 – Zero-day vulnerability affecting FortiManager
30/08/2024 – CISA – #StopRansomware: RansomHub Ransomware
19/07/2024 – CISA – Widespread IT Outage Due to CrowdStrike Update
12/06/2024 – NCSC – Phishing campaign targeting New Zealand organisations
9/05/2024 – ASD – Choosing Secure and Verifiable Technologies
15/04/2024 – CISA – Joint Guidance on Deploying AI Systems Securely
9/02/2024 – Fortinet Releases Security Advisories for FortiOS
19/01/2024 – CISA Issues Emergency Directive on Ivanti Vulnerabilities
19/12/2023 – CISA and FBI Release Advisory on ALPHV Blackcat Affiliates
7/12/2023 – Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns
8/12/2023 – Atlassian Releases Security Advisories for Multiple Products
27/11/2023 – ASD – Essential Eight Maturity Model Changes
22/11/2023 – 2023–2030 Australian Cyber Security Strategy
21/11/2023 – LockBit 3.0 Ransomware Affiliates Exploit CVE-2023-4966 Citrix Bleed Vulnerability
9/11/2023 – CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain
7/11/2023 – FEMA and CISA Release Joint Guidance on Planning Considerations for Cyber Incidents
1/11/2023 – New Zealand National Cyber Security Centre – Annual Report 2022/2023
18/10/2023 – CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance
16/10/2023 – CISA, NSA, FBI, and International Partners Release Updated Secure by Design Guidance
5/10/2023 – NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations
11/09/2023 – UK NCSC – Ransomware, extortion and the cyber crime ecosystem
6/09/2023 – CISA Releases Capacity Enhancement Guide to Strengthen Agency Resilience to DDoS Attack
16/08/2023 – CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
4/08/2023 – CISA Releases its Cybersecurity Strategic Plan
3/08/2023 – 2022 Top Routinely Exploited Vulnerabilities
12/07/2023 – Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
14/06/2023 – Understanding Ransomware Threat Actors: LockBit
12/06/2023 – Fortinet Releases Security Updates for FortiOS and FortiProxy
6/06/2023 – Securing Remote Access Software
23/05/2023 – StopRansomware Guide
9/05/2023 – CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors
28/04/2023 – New Zealand Government guidance on cyber ransom payments
16/03/2023 – StopRansomware: LockBit 3.0
23/02/2023 – CISA Urges Increased Vigilance One Year After Russia’s Invasion of Ukraine
25/01/2023 – CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software
11/01/2023 – NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services
30/11/2022 – Australian Signals Directorate – Cyber Incident Response Plan Guidance
10/11/2022 – CISA Releases SSVC Methodology to Prioritize Vulnerabilities
1/11/2022 – OpenSSL Releases Security Update
30/09/2022 – Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server
20/06/2022 – Australian Signals Directorate – Cyber Incident Response Plan Readiness Checklist
2/06/2022 – Atlassian Releases Security Advisory for Confluence Server and Data Center
31/05/2022 – Microsoft Releases Workaround Guidance for MSDT “Follina” Vulnerability
1/03/2022 – NSA – Network Infrastructure Security Guidance
19/02/2022 – CISA – Free Cybersecurity Services and Tools
9/02/2022 – 2021 Trends Show Increased Globalized Threat of Ransomware
4/02/2022 – Indicators of Compromise Associated with LockBit 2.0 Ransomware
12/11/2021 – Palo Alto Networks Release Security Updates for PAN-OS
28/10/2021 – 2021 CWE Most Important Hardware Weaknesses
25/10/2021 – NOBELIUM Attacks on Cloud Services and other Technologies
9/09/2021 – Microsoft Releases Mitigations and Workarounds for CVE-2021-40444
4/09/2021 – CISA – Atlassian Releases Security Updates for Confluence Server and Data Center
21/08/2021 – CISA – Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
16/07/2021 – CISA – Stop Ransomware One Stop Location
2/07/2021 – CISA – Kaseya VSA Supply-Chain Ransomware Attack
24/06/2021 – CISA – Bad Practices
4/06/2021 – CISA – Unpatched VMware vCenter Software
16/05/2021 – Ransomware Attack on Health Sector
2/04/2021 – FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
6/01/2021 – Mitigate SolarWinds Orion Code Compromise – Supplemental Guidance v3
24/12/2020 – CISA Releases Free Detection Tool for Azure/M365 Environment
17/12/2020 – Advanced Persistent Threat Compromise – SolarWinds
16/10/2020 – Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
17/09/2020 – Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol
4/09/2020 – DoS and DDoS Attacks against Multiple Sectors
27/08/2020 – Cisco Releases Security Updates
14/08/2020 – Phishing Emails Used to Deploy KONNI Malware
23/07/2020 – Reduce Exposure Across Operational Technologies and Control Systems
22/06/2020 – ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises
20/05/2020 – Summary of Tradecraft Trends for 2019-20 (ACSC)
12/05/2020 – Top 10 Routinely Exploited Vulnerabilities
05/05/2020 – APT Groups Target Healthcare and Essential Services
08/04/2020 – COVID-19 Exploited by Malicious Cyber Actors
13/03/2020 – Enterprise VPN Security
06/03/2020 – Defending Against COVID-19 Cyber Scams
05/03/2020 – National ‘Slam the Scam’ Day
15/02/2020 – North Korean Malicious Cyber Activity
11/02/2020 – Safer Internet Day
07/02/2020 – ACSC Mailto Ransomware Incidents
26/01/2020 – Microsoft Office 365 Security Observations
24/01/2020 – NSA Releases Guidance on Mitigating Cloud Vulnerabilities
22/01/2020 – IC3 Issues Alert on Employment Scams
14/01/2020 – Critical Vulnerabilities in Microsoft Windows Operating Systems
04/01/2020 – Summary of Terrorism Threat
01/01/2020 – Secure New Internet Connected Devices
11/12/2019 – Apple Releases Multiple Security Updates
27/11/2019 – Black Friday Shopping Protect Your Identity
19/11/2019 – Safeguarding Data Before Upgrading Mobile Phones
24/10/2019 – UK NCSC 2019 Report
16/10/2019 – WordPress Releases Security Update
17/06/2019 – BlueKeep Vulnerability
13/05/2019 – Microsoft Office 365 Security Observations
24/01/2019 – DNS Infrastructure Hijacking Campaign
25/05/2018 – Home and Office Routers and Networked Devices
27/03/2018 – Brute Force Attacks
New Zealand Government Issued Warnings and Alerts for Scams and associated Misconduct
Financial Markets Authority – Warnings and alerts
Ministry of Business, Innovation and Employment – Types of Scams
Department of Internal Affairs – Online Scams
Australian Competition & Consumer Commission
Historical Critical Advisories
Cyber attacks against Ukraine that may have consequences on New Zealand organisations
Tips
About
The alerts and tips published by Incident Response Solutions are intended to be a high-level summary containing some of the most important information that has been published on Forensic and Cyber Security matters as it comes to hand.
We occasionally publish these alerts and tips to our YouTube Channel and this webpage. Subscribe to our alerts here. We’ll give you a brief summary of each alert or tip, and a link to more information. Why do we publish these alerts and tips? Because we want to keep you up to date with the latest Forensic and Cyber Security information, so that you aren’t caught by surprise – and you’ll know about risks and changes before they become problems.
For readers wishing to receive additional Forensic and Cyber Security information, we recommend subscribing to the NZ Incident Response Bulletin.
Please contact us at support@incidentresponse.co.nz for further information.
Traffic light protocol
The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the correct audience.
All alerts on this page are considered ‘White’, i.e. the information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release.
