Welcome to the Australian Cyber Security Centre website

Icon for getting alerts on new threats

Get alerts on new threats

Icon for reporting a cybercrime

Report a cybercrime or cyber security incident

Icon for becoming a partner

Become a partner

Icon for Information Security Manual

Information Security Manual

Protect yourself against cybercrime

Learn how to shop online securely

Top 3 things to protect yourself

Translated information

We have developed easy-to-follow cyber security information and resources to support people from non-English speaking backgrounds to be more cyber secure.
Read more

Alerts and Advisories

View all alerts and advisories
Alert ratingHIGH

Zoho ManageEngine ServiceDesk Plus remote code execution vulnerability

A vulnerability (CVE-2021-44077) has been identified in certain versions of Zoho ManageEngine ServiceDesk Plus. Exploitation of this vulnerability could allow an unauthenticated cyber actor to perform remote code execution on an unpatched system. A cyber actor would then be able to install malware or otherwise control the affected device. Australian organisations using Zoho ManageEngine ServiceDesk Plus should apply the available patch.

Pinned
Alert rating

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities

Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organizations.

Pinned
Alert ratingHIGH

Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component

A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.

Pinned

News

Visit our partners keeping Australia safe online

Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It gives consumers and small businesses information on how to recognise, avoid and report scams.
eSafety can help Australians experiencing online bullying or abuse to take action or make a complaint. They also provide a wide range of online safety programs, resources and training.
The OAIC investigates privacy breaches and handles data breach reports. It provides guidance and advice for business and consumers on how to protect personal information.
Icon for becoming a alerts Get alerts on new threatsAlert Service Icon for becoming a partner Become anACSC partner Icon for reporting Report a cybercrime orcyber security incident
Authorised by the Australian Government, Canberra