Exploitation of Critical Cisco ASA Vulnerability

The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof-of-concept code that results in a denial of service condition on targeted vulnerable devices is now available.

Cisco first released a security advisory on 29 January detailing the vulnerability and affected devices, but has since identified additional attack vectors and released additional, more comprehensive patches.

Currently, the proof-of-concept code only results in a denial of service condition. It is likely that this will develop into code that can achieve remote code execution. Cisco has already identified 'attempted malicious use of the vulnerability' in the wild, although it is unknown whether this refers to witnessing remote code execution or a denial of service condition.

The ACSC recommends that organisations with affected devices patch as soon as possible.

Cisco ASA Security Advisory - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180129-asa1

In August 2018 ACSC launched a new website, cyber.gov.au, to reflect its new organisation.

Cyber security programs and advice are being migrated to cyber.gov.au. Information and advice on this site remains current.
