Individuals & families Small & medium businesses Large organisations & infrastructure Government

Welcome to the Australian Cyber Security Centre website

Icon of an envelope in motion

Get alerts on new threats

Alert Service
Icon of Australia with a blue circle behind it

Report a cybercrime or

cyber security incident

Report Cyber
A icon light

Become a partner

Partner Hub
Critical vulnerability in certain versions of Apache HTTP Server

A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

Read more
Microsoft introduces Exchange Emergency Mitigation service

Microsoft has launched a new optional protection for Microsoft Exchange servers.

Read more
Critical vulnerability in certain Hikvision products, IP cameras

A critical vulnerability exists in Hikvision products, including IP cameras, which could allow a cyber actor to take full control of the device. Affected Australian customers should apply an appropriate firmware update provided by Hikvision.

Read more
Remote code execution vulnerability present in Open Management Infrastructure, affects certain Microsoft Azure services

A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.

Read more
Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

Read more

ALERTS

View all
Alerts homepage image

- Alert status: HIGH

Multiple key vulnerabilities identified in Microsoft products

Multiple key vulnerabilities were identified in Microsoft’s 12 October 2021 patch release. While all vulnerabilities addressed in this release are important to mitigate the ACSC wishes to highlight several vulnerabilities for priority consideration.

- Alert status: HIGH

Critical vulnerability present in certain versions of Apple iOS and iPadOS

A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.

- Alert status: CRITICAL

Critical vulnerability in certain versions of Apache HTTP Server

A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

- Alert status: HIGH

Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors

A vulnerability exists in certain versions of ManageEngine ADSelfService Plus. A cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian organisations should apply the available security update.

- Alert status: CRITICAL

Critical vulnerability in certain Hikvision products, IP cameras

A critical vulnerability exists in Hikvision products, including IP cameras, which could allow a cyber actor to take full control of the device. Affected Australian customers should apply an appropriate firmware update provided by Hikvision.

About the ACSC

The Australian Cyber Security Centre (ACSC) is based within the Australian Signals Directorate (ASD). We provide advice and information about how to protect you, your family and your business online.

The ACSC’s cyber security mission is supported by ASD’s wider organisation, whose role is to provide foreign signals intelligence and who have a long history of cyber security excellence. We lead the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

For further information read more about the ACSC.

Information for

Become an ACSC Partner

The ACSC Partnership Program enables a wide range of organisations to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Learn More

Alerts homepage image
News homepage image

NEWS & MEDIA

View all
News homepage image
Cyber Security Awareness Month 2021

October is Cyber Security Awareness Month.

Microsoft introduces Exchange Emergency Mitigation service

Microsoft has launched a new optional protection for Microsoft Exchange servers.

ACSC Annual Cyber Threat report 2020-21

The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Cyber Security Centre’s Annual Cyber Threat Report 2020-21.

ACSC cyber security challenge

Would you like to put your cyber incident response skills to the test?

ACSC participation in Asia Pacific Computer Emergency Response Team (APCERT) Drill

The ACSC has joined international partners in the annual Asia Pacific Computer Emergency Response Team (APCERT) Drill.

Tweets by @CyberGovAu

Australian Cyber Security Centre

ACSC Facebook

Tweets by @ASDGovAu

Easy steps to secure your online information Individuals and families
Small Business Cyber Security Guide Small and medium businesses
Australian Government Information Security Manual Large organisations and infrastructure Government

Visit our partners keeping Australia safe online

Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It gives consumers and small businesses information on how to recognise, avoid and report scams.
eSafety can help Australians experiencing online bullying or abuse to take action or make a complaint. They also provide a wide range of online safety programs, resources and training.
The OAIC investigates privacy breaches and handles data breach reports. It provides guidance and advice for business and consumers on how to protect personal information.
Get alerts on new threats AlertService Report a cybercrime or cyber security incident