(1300 292 371)
You can view all our advisories from this page. Use the filters below to filter by audience type, title and summary and the sort options to sort for the most recently updated or published content.
06 Jun 2019
Mitigation for Microsoft Windows Security Vulnerability – ‘BlueKeep’ (CVE-2019-0708)
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability.
16 May 2019
2019-126: Recommendations for mitigation of vulnerable version of Telerik UI
The tools to exploit this vulnerability have been publicly published and require only basic knowledge or skills to use successfully. Any servers currently running a vulnerable version should be considered at risk and remediation steps should be taken.
06 May 2019
ACSC Advisory 2019-125: Targeting of Microsoft SharePoint CVE-2019-0604
This ACSC advisory provides recommendations for securing Microsoft SharePoint and advice on identifying potential successful exploitation of this vulnerability.
15 Mar 2019
Recommendations to protect 773M accounts affected by 'Collection #1' breach
This advisory provides recommendations for protecting 773M accounts affected by 'Collection #1' breach.
09 Jan 2019
Advice remains that organisations should patch Meltdown/Spectre vulnerabilities
Recent media reporting has indicated that applying the patches for these vulnerabilities can lead to performance issues, and can impact on the availability of third party software.
05 Jan 2019
Patch your devices for Meltdown and Spectre vulnerabilities as soon as possible
A malicious actor could possibly use this vulnerability to gain access to areas of memory they should not have permission to access. This could result in malicious actors obtaining sensitive data, such as passwords.
29 Sep 2018
Recommendations to mitigate Facebook flaw in 'View As' feature
This advisory provides information about how to protect yourself to minimise the risk of further breaches caused by attackers exploiting the flaw in the 'View As' feature on Facebook.
17 May 2018
Information about vulnerability in the Drupal content management system
Drupal assesses this vulnerability as critical. If you are using a version of Drupal prior to 7.58 or 8.51, the ACSC recommends that you upgrade immediately as per Drupal's advice.
15 May 2018
Protecting against VPNFilter malware
Once a malicious actor compromises a device using VPNFilter malware, they are able to collect network traffic (including website credentials) traversing the device. Importantly, the malware can also be used to disable the device.
17 Apr 2018
Secure the Cisco IOS and IOS XE Smart Install Feature
Organisations are advised to identify Cisco devices running Smart Install within their networks, evaluate the need of running this feature, and remove or secure the feature as required. Both the ACSC and Cisco documentation contain details on how to accomplish this.
29 Jun 2017
Update on the initial infection vector of the Petya ransomware campaign
This is an example of where a lack of patching and continued use of out-dated protocols presents a significant risk to organisational IT security.
28 Jun 2017
Update on Petya ransomware campaign
The ACSC is aware of a large-scale ransomware campaign that is impacting organisations globally. The campaign is variously known as 'Petya', 'NotPetya', 'SortaPetya', 'Petna' or 'GoldenEye'.
15 Nov 2015
Web Shells – Threat Awareness and Guidance
This advisory outlines the Web shells threat and provides prevention, detection and mitigation strategies for administrators of web servers that have active content languages installed.
1300 CYBER1(1300 292 371)