Report a cybercrime, cyber security incident or vulnerability.

Icon for getting alerts on new threats

Get alerts on new threats
Icon of a siren

Report a cybercrime or cyber security incident
Icon for becoming a partner

Become a partner
Icon for Information Security Manual

Information Security Manual

Have you been hacked? Find out what do to now.

Learn more

Top 3 things to protect yourself

Learn cyber security

Take control of your cyber security and reduce the impact of an attack by learning how to protect yourself online with our quick lessons and quizzes.
Read more

Critical infrastructure entities have new reporting requirements

Learn more or make a cyber incident report

Alerts and Advisories

View all alerts and advisories
Alert rating LOW
Low alert rating

A low alert details a cyber security vulnerability that entities should be aware of. The ACSC has assessed that network owners and operators should be aware of the possible threats so that they can take appropriate actions to mitigate risks. Low alerts refer to vulnerabilities that, while important for ACSC to disseminate to a widespread audience at a level of urgency, have minimal potential to impact Australia due to the low likelihood of success, lack of a publicly available proof-of-concept, age of the exploit, or other factors.

Potential vulnerability associated with Microsoft Exchange

The ACSC is aware of a potential vulnerability associated with Microsoft Exchange Server (Exchange). Australian organisations should closely monitor their Exchange instances.

Alert rating MEDIUM
Medium alert rating

A medium alert details a cyber security vulnerability that entities should act soon to mitigate. The ACSC has assessed that network owners and operators need to be notified of the possible threats so that they can take appropriate actions to mitigate risks. Medium alerts refer to vulnerabilities, which if not mitigated against, have the potential to impact Australia, due to a publicly available proof-of-concept or evidence of active exploitation, but comprehensive patches or easily implemented mitigation mechanisms are available.

Optus Data Breach

To help protect against fraud, Optus has notified customers to look to reputable sources such as Moneysmart and the Office of the Australian Information Commissioner.

Alert rating
Advisory

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

The Australian Cyber Security Centre (ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the…

News

Visit our partners keeping Australia safe online

ACCC Australian Competition & Consumer Commission. Scam Watch Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It gives consumers and small businesses information on how to recognise, avoid and report scams.
eSafety Commissioner eSafety can help Australians experiencing online bullying or abuse to take action or make a complaint. They also provide a wide range of online safety programs, resources and training.
Australian Government. Office of the Australian Information Commissioner The OAIC investigates privacy breaches and handles data breach reports. It provides guidance and advice for business and consumers on how to protect personal information.
Icon for ReportReport a cyber security incident for critical infrastructure Icon for becoming a alertsGet alerts on new threatsAlert Service Icon for becoming a partnerBecome anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Authorised by the Australian Government, Canberra