Incident Response Solutions – Critical Advisories
Cyber attacks against Ukraine that may have consequences on New Zealand organisations (Updated 26 February 2022)
Email Reply Chain Attacks (Updated 29 April 2021)
Apache log4j (Updated 12 December 2021)
Ransomware (Updated 23 September 2021)
SonicWall Ransomware Compromise (Updated 16 July 2021)
Kaseya VSA Supply-Chain Ransomware Attack (Updated 23 July 2021)
Microsoft Exchange Server (Updated 29 August 2021)
Government Issued Alerts
18/05/2022 – Weak security controls and practices routinely exploited for initial access
28/04/2022 – Joint Cyber Security Advisory: Top 15 Routinely Exploited Vulnerabilities Of 2021
1/03/2022 – NSA – Network Infrastructure Security Guidance
22/02/2022 – QNAP and Asustor NAS vulnerabilities exploited to deploy ransomware
19/02/2022 – CISA – Free Cybersecurity Services and Tools
9/02/2022 – January 2022 New Zealand Information Security Manual v3.5 Release
9/02/2022 – 2021 Trends Show Increased Globalized Threat of Ransomware
4/02/2022 – Indicators of Compromise Associated with LockBit 2.0 Ransomware
10/12/2021 – Log4j RCE 0-day actively exploited
12/11/2021 – Palo Alto Networks Release Security Updates for PAN-OS
28/10/2021 – 2021 CWE Most Important Hardware Weaknesses
25/10/2021 – NOBELIUM Attacks on Cloud Services and other Technologies
23/09/2021 – Active scanning for VMware vCenter Vulnerability
9/09/2021 – Microsoft Releases Mitigations and Workarounds for CVE-2021-40444
4/09/2021 – CISA – Atlassian Releases Security Updates for Confluence Server and Data Center
21/08/2021 – CISA – Urgent: Protect Against Active Exploitation of ProxyShell Vulnerabilities
16/07/2021 – CISA – Stop Ransomware One Stop Location
15/07/2021 – CERT NZ – SonicWall EOL Devices Targeted by Ransomware
2/07/2021 – CISA – Kaseya VSA Supply-Chain Ransomware Attack
2/07/2021 – CERT NZ – Critical vulnerabilities in Microsoft Windows Print Spooler service
24/06/2021 – CISA – Bad Practices
16/06/2021 – OPC – OPC sends warnings to organisations to get it right next time
4/06/2021 – CISA – Unpatched VMware vCenter Software
31/05/2021 – NCSC – Ransomware: Your organisation should be both protected and prepared
16/05/2021 – Ransomware Attack on Health Sector
2/04/2021 – FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities
8/03/2021 – CISA – Remediating Microsoft Exchange Vulnerabilities
3/03/2021 – CERT NZ – Urgent Microsoft Exchange security update released
26/02/2021 – NSA – Embracing a Zero Trust Security Model
28/01/2021 – CISA guidance: reducing the risk of ransomware
6/01/2021 – Mitigate SolarWinds Orion Code Compromise – Supplemental Guidance v3
24/12/2020 – CISA Releases Free Detection Tool for Azure/M365 Environment
17/12/2020 – Advanced Persistent Threat Compromise – SolarWinds
14/12/2020 – SolarWinds Orion Cyber Security Alert
1/12/2020 – Vulnerability in Fortinet firewalls being exploited
20/11/2020 – Nitro PDF users’ email addresses and hashed passwords leaked
16/10/2020 – Microsoft Releases Security Updates to Address Remote Code Execution Vulnerabilities
20/09/2020 – CISA and MS-ISAC Release Ransomware Guide
17/09/2020 – Critical Vulnerability in Microsoft Windows Netlogon Remote Protocol
7/09/2020 – Malware being spread via email attachments
4/09/2020 – DoS and DDoS Attacks against Multiple Sectors
1/09/2020 – Technical Approaches to Uncovering and Remediating Malicious Activity
27/08/2020 – Cisco Releases Security Updates
14/08/2020 – Phishing Emails Used to Deploy KONNI Malware
23/07/2020 – Reduce Exposure Across Operational Technologies and Control Systems
15/07/2020 – Critical vulnerability in Microsoft Windows Server
30/06/2020 – EINSTEIN Data Trends – 30-day Lookback
22/06/2020 – ACSC Releases Advisory on Cyber Campaign using Copy-Paste Compromises
16/06/2020 – Active ransomware campaign leveraging remote access technologies
05/06/2020 – Cyber Alerts & Tips – CISA Unpatched Microsoft Systems Vulnerable to CVE-2020-0796
20/05/2020 – Summary of Tradecraft Trends for 2019-20 (ACSC)
12/05/2020 – Top 10 Routinely Exploited Vulnerabilities
05/05/2020 – APT Groups Target Healthcare and Essential Services
08/04/2020 – COVID-19 Exploited by Malicious Cyber Actors
19/03/2020 – SIM swapping attacks
13/03/2020 – Enterprise VPN Security
10/03/2020 – Vulnerability in Exchange Server actively exploited
06/03/2020 – Defending Against COVID-19 Cyber Scams
05/03/2020 – National ‘Slam the Scam’ Day
15/02/2020 – North Korean Malicious Cyber Activity
11/02/2020 – Safer Internet Day
07/02/2020 – ACSC Mailto Ransomware Incidents
26/01/2020 – Microsoft Office 365 Security Observations
24/01/2020 – NSA Releases Guidance on Mitigating Cloud Vulnerabilities
22/01/2020 – IC3 Issues Alert on Employment Scams
14/01/2020 – Critical Vulnerabilities in Microsoft Windows Operating Systems
04/01/2020 – Summary of Terrorism Threat
01/01/2020 – Secure New Internet Connected Devices
04/12/2019 – GCSB encourages leaders to connect with cyber security governance
11/12/2019 – Apple Releases Multiple Security Updates
27/11/2019 – Black Friday Shopping Protect Your Identity
19/11/2019 – Safeguarding Data Before Upgrading Mobile Phones
01/11/2019 – Financial sector targeted in blackmail campaign
24/10/2019 – UK NCSC 2019 Report
16/10/2019 – WordPress Releases Security Update
17/06/2019 – BlueKeep Vulnerability
13/05/2019 – Microsoft Office 365 Security Observations
24/01/2019 – DNS Infrastructure Hijacking Campaign
11/10/2018 – Publicly Available Tools Seen in Cyber Incidents Worldwide
25/05/2018 – Home and Office Routers and Networked Devices
27/03/2018 – Brute Force Attacks
New Zealand Government Issued Warnings and Alerts for Scams and associated Misconduct
Financial Markets Authority – Warnings and alerts
Ministry of Business Innovation and Employment – Types of Scams
Department of Internal Affairs – Online Scams
Australian Competition & Consumer Commission
Tips
About
The alerts and tips published by Incident Response Solutions are intended to be a high-level summary containing some of the most important information that has been published on Forensic and Cyber Security matters as it comes to hand.
We occasionally publish these alerts and tips to our YouTube Channel and this webpage. Subscribe to our alerts here. We’ll give you a brief summary of each alert or tip, and a link to more information. Why do we publish these alerts and tips? Because we want to keep you up to date with the latest Forensic and Cyber Security information, so that you aren’t caught by surprise – and you’ll know about risks and changes before they become problems.
For readers wishing to receive additional Forensic and Cyber Security information, we recommend subscribing to the NZ Incident Response Bulletin.
Please contact us at support@incidentresponse.co.nz for further information.
Traffic light protocol
The traffic light protocol (TLP) is a set of designations used to ensure that sensitive information is shared with the correct audience.
All alerts on this page are considered ‘White’, i.e. the information carries minimal or no foreseeable risk of misuse, in accordance with applicable rules and procedures for public release.