Individuals & families Small & medium businesses Large organisations & infrastructure Government
Icon of an envelope in motion

Get alerts on new threats

Alert Service
Icon of Australia with a blue circle behind it

Report a cybercrime or

cyber security incident

Report Cyber
A icon light

Become a partner

Partner Hub
ACSC Annual Cyber Threat report 2020-21

The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Cyber Security Centre’s Annual Cyber Threat Report 2020-21.

Read more
Remote code execution vulnerability present in Open Management Infrastructure, affects certain Microsoft Azure services

A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.

Read more
Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

Read more
Phone and email scammers impersonating the ACSC

The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.

Read more
Property-related business email compromise scams rising in Australia

Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods.

Read more

ALERTS

View all
Alerts homepage image

- Alert status: HIGH

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

- Alert status: CRITICAL

Remote code execution vulnerability present in Open Management Infrastructure, affects certain Microsoft Azure services

A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.

- Alert status: HIGH

Critical vulnerabilities present in certain versions of Apple iOS, macOS and Safari

Vulnerabilities have been identified in certain versions of Apple iOS, macOS and Safari which could allow an actor to install malware or perform other actions on a vulnerable device or computer.

- Alert status: HIGH

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows

A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

- Alert status: MEDIUM

Suspected user credentials stolen from FortiNet devices leaked online

A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.

About the ACSC

The Australian Cyber Security Centre (ACSC) is based within the Australian Signals Directorate (ASD). We provide advice and information about how to protect you, your family and your business online.

The ACSC’s cyber security mission is supported by ASD’s wider organisation, whose role is to provide foreign signals intelligence and who have a long history of cyber security excellence. We lead the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

For further information read more about the ACSC.

Information for

Become an ACSC Partner

The ACSC Partnership Program enables a wide range of organisations to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Learn More

Alerts homepage image
News homepage image

NEWS & MEDIA

View all
News homepage image
ACSC Annual Cyber Threat report 2020-21

The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Cyber Security Centre’s Annual Cyber Threat Report 2020-21.

ACSC cyber security challenge

Would you like to put your cyber incident response skills to the test?

ACSC participation in Asia Pacific Computer Emergency Response Team (APCERT) Drill

The ACSC has joined international partners in the annual Asia Pacific Computer Emergency Response Team (APCERT) Drill.

Boost your cyber defences with backups

Backing up your data is one of the best defences against ransomware attacks conducted by the opportunistic cyber criminals who continue to threaten Australian businesses, organisations, and families.

ACSC survey for Australian critical infrastructure organisations

The Australian Cyber Security Centre (ACSC) is asking Australian critical infrastructure providers and operators to take part in a confidential survey to help identify operational technologies used by their organisation.

Tweets by @CyberGovAu

Australian Cyber Security Centre

ACSC Facebook

Tweets by @ASDGovAu

Easy steps to secure your online information Individuals and families
Small Business Cyber Security Guide Small and medium businesses
Australian Government Information Security Manual Large organisations and infrastructure Government

Visit our partners keeping Australia safe online

Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It gives consumers and small businesses information on how to recognise, avoid and report scams.
eSafety can help Australians experiencing online bullying or abuse to take action or make a complaint. They also provide a wide range of online safety programs, resources and training.
The OAIC investigates privacy breaches and handles data breach reports. It provides guidance and advice for business and consumers on how to protect personal information.
Get alerts on new threats AlertService Report a cybercrime or cyber security incident