Icon for getting alerts on new threats

Get alerts on new threats
Icon of a siren

Report a cybercrime or cyber security incident
Icon for becoming a partner

Become a partner
Icon for Information Security Manual

Information Security Manual

Critical infrastructure entities have new reporting requirements

Learn more or make a cyber incident report

Top 3 things to protect yourself

Learn cyber security

Take control of your cyber security and reduce the impact of an attack by learning how to protect yourself online with our quick lessons and quizzes.
Read more

Alerts and Advisories

View all alerts and advisories
Alert rating CRITICAL
Critical alert rating

A critical alert is a cyber security vulnerability where people should take immediate (same day) action. The vulnerability is trivial to exploit, with Proof of Concept (PoC) available. There are generally no mitigating factors available, and the impact is widespread among customers. The ACSC may also be aware of active targeting by malicious cyber actors. Critical alerts refer to vulnerabilities that are (or strongly suspected will be) affecting Australia.

Exploitation of Microsoft Office vulnerability: Follina

The ACSC is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Alert rating CRITICAL
Critical alert rating

A critical alert is a cyber security vulnerability where people should take immediate (same day) action. The vulnerability is trivial to exploit, with Proof of Concept (PoC) available. There are generally no mitigating factors available, and the impact is widespread among customers. The ACSC may also be aware of active targeting by malicious cyber actors. Critical alerts refer to vulnerabilities that are (or strongly suspected will be) affecting Australia.

Remote code execution vulnerability present in Atlassian Confluence Server and Data Center

A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. ACSC recommends organisations restrict internet…

Alert rating HIGH
High alert rating

A high alert is a cyber security vulnerability where people should act quickly (within 48 hours). There are generally no mitigating factors available, and the impact is widespread amongst customers. Impacts are estimated to be lower than a critical alert. High alerts refer to vulnerabilities that might affect Australia.

Multiple vulnerabilities present in VMware products

The ACSC is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.

News

Visit our partners keeping Australia safe online

ACCC Australian Competition & Consumer Commission. Scam Watch Scamwatch is run by the Australian Competition and Consumer Commission (ACCC). It gives consumers and small businesses information on how to recognise, avoid and report scams.
eSafety Commissioner eSafety can help Australians experiencing online bullying or abuse to take action or make a complaint. They also provide a wide range of online safety programs, resources and training.
Australian Government. Office of the Australian Information Commissioner The OAIC investigates privacy breaches and handles data breach reports. It provides guidance and advice for business and consumers on how to protect personal information.
Icon for Report Report a cyber security incident for critical infrastructure Icon for becoming a alerts Get alerts on new threatsAlert Service Icon for becoming a partner Become anACSC partner Icon for reportingReport a cybercrime or cyber security incident
Authorised by the Australian Government, Canberra