View all news and media releases

16 Sep 2020

Reminder: register for ACSC national cyber security exercise for Australia’s water and wastewater sector

Call for registrations from all Australian urban water and wastewater organisations

15 Sep 2020

New pilot program to block cybercriminals impersonating Services Australia

Telstra, in conjunction with the Australian Cyber Security Centre (ACSC) and Services Australia, is boosting Australia’s cyber resilience through the launch of a new security measure to block malicious text messages.

11 Sep 2020

Don't abandon your internet domain name to cybercriminals

Domain names are your internet mail address and your online business identity. Don’t abandon your domain name to cybercriminals through administrative oversight. Allowing corporate domain names to expire puts businesses at risk, potentially exposing clients’ personal and confidential information, client-legal privileged information and financial details.

04 Sep 2020

New ACSC report details cyber threats across Australia

The inaugural ACSC Annual Cyber Threat Report has been developed with our law enforcement partners, the Australian Federal Police and the Australian Criminal Intelligence Commission, to provide important information about emerging cyber threats impacting the Australian economy.

02 Sep 2020

Advice for users and manufacturers of Internet of Things devices

The ACSC has developed information to help the community buy and use internet-connected devices securely – such as smart fridges, smart televisions, baby monitors and security cameras.

02 Sep 2020

Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity

Cybersecurity officials from US, UK, Australia, Canada and New Zealand release best practices for incident response.

06 Aug 2020

Australia’s Cyber Security Strategy 2020

The Australian Government has today launched Australia’s Cyber Security Strategy 2020.

31 Jul 2020

Dousing cyber risks to water infrastructure

National cyber security exercise for Australia’s water and wastewater sector

27 Jul 2020

Release of co-designed Cloud Security Guidance

The Australian Cyber Security Centre (ACSC) and the Digital Transformation Agency (DTA) have released new Cloud Security Guidance to support the secure uptake of cloud services across government and industry.

22 Jul 2020

US Department of Justice indictment of cyber actors

The Australian Government expresses its concern over reports of global malicious cyber intrusions, as detailed in today’s unsealing of indictments by the US Department of Justice.

17 Jul 2020

UK-US-Canada Joint Advisory on Russia

Today, Australia declares its support for the release of the Joint Cyber Security Advisory by the US, UK and Canada, which details malicious cyber activity by Russian actors targeting organisations involved in COVID-19 vaccine development.

10 Jul 2020

Security tips for social media and social networking apps

Social media sites, social networking and messaging apps can pose a number of risks to both organisations and individuals when used in an inappropriate or unsafe manner.

06 Jul 2020

Staying off the hook in phishing attacks

The Australian Cyber Security Centre (ACSC) has seen a significant increase in reporting in the past few months of COVID-19 themed phishing scams, using all sorts of lures to try and trick people into handing over personal details.

01 Jul 2020

Announcing the ACSC Small Business Survey Report

Today ASD’s ACSC has published the ACSC Small Business Survey Report: How Australian Small Businesses Understand Cyber Security.

18 Jun 2020

Hardening Microsoft Windows 10 version 1909 Workstations

The Australian Cyber Security Centre (ACSC) has produced updated guidance to help information technology managers securely configure workstations (and similar devices) running Microsoft Windows operating systems.

22 May 2020

Safeguarding Australia’s critical infrastructure from cyber attack

The Australian Cyber Security Centre (ACSC) has produced advice to help critical infrastructure providers protect themselves from cyber attack as key staff work remotely during the COVID-19 pandemic.

20 May 2020

Unacceptable malicious cyber activity

As Australians and the international community band together to respond to COVID-19, the Australian Government is concerned that malicious cyber actors are seeking to exploit the pandemic for their own gain.

12 May 2020

Government service agents urged to protect clients and themselves

Agents of government services, such as taxation agents, BAS agents and taxation (financial) advisers, are attractive targets for cybercriminals.

08 May 2020

APT activity targeting Australian health sector

Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities in Australia.

30 Apr 2020

National cyber security exercises for Australia’s electricity industry

In November 2019, the Australian Signals Directorate’s Australian Cyber Security Centre coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies.

20 Apr 2020

COVID-19 cyber scams mount against Australians

Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes, the Australian Cyber Security Centre (ACSC) has warned in a new threat update.

15 Apr 2020

Are you cyber-safe at home?

With increasing numbers of Australians working from home to combat the spread and impact of COVID-19, the Australian Cyber Security Centre (ACSC) has issued a new advisory containing tips to reduce the risk of Australians falling victim to cybercriminals at home.

07 Apr 2020

Protecting small business against cyber attacks during COVID-19

The Australian Cyber Security Centre (ACSC) has published advice on how small businesses can better protect themselves from cyber attacks and disruptions during COVID-19.

02 Apr 2020

Stay safe and be tele aware

In light of COVID-19, many businesses and individuals are now turning to web conferencing systems, like Zoom, Skype, Google Hangouts, GoToMeeting and Cisco WebEx to connect online.

01 Apr 2020

ACSC aware of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability that exists in the Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC) and Citrix Gateway (formerly known as NetScaler Gateway).

01 Apr 2020

ACSC program enters its next phase through JCSCs

The ACSC Partnership Program is increasingly bringing industry, academia, law enforcement and government agencies together in collaborative work spaces, enabling information-sharing and network-hardening across the economy. This is being enabled through the network of Joint Cyber Security Centres (JCSCs) around Australia.

27 Mar 2020

Microsoft warns of vulnerabilities in Adobe Type Manager Library

The ACSC is aware of Microsoft’s recent disclosure of two remote code execution (RCE) vulnerabilities in the Windows Adobe Type Manager Library. Microsoft reports that there is targeted exploitation of these vulnerabilities.

27 Mar 2020

Cyber scams during the COVID-19 crisis - ABC Radio interview

Mr Karl Hanmore, acting Head Australian Cyber Security Centre, interview with Wendy Harmer and Robbie Buck on ABC Radio Sydney, 27 March 2020

13 Mar 2020

Cyber security is essential when preparing for COVID-19

Ensuring good cyber security measures now is the best way to address the cyber threat.

12 Mar 2020

Microsoft warns of vulnerabilities in SMBv3 (update: patch released 13 March 2020)

The ACSC is aware of Microsoft’s recent disclosure of a vulnerability in the Microsoft Server Message Block 3.1.1 (SMBv3) protocol called CVE-2020-0796, also known as EternalDarkness.

02 Mar 2020

Joint public statement on independent review of CSCP and IRAP

In late July 2019, the Australian Signals Directorate (ASD) commissioned an independent review of its Cloud Services Certification Program (CSCP) and Information Security Registered Assessors Program (IRAP).

17 Jan 2020

Top tips to avoid ticket scammers online

Follow our tips for buying tickets safely online.

03 Dec 2019

Shopping safely online at holiday time

What are the do’s and don’ts to avoid online shopping scams? Read our tips now.

28 Nov 2019

Online fraud and shopping scams among the top cybercrimes targeting Australians

Australians are urged to be vigilant and protect themselves online, especially over the busy festive period.

07 Nov 2019

National Cyber Security Committee urges vigilance as two concerning cyber security threats are in the wild

The ACSC, with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency.

24 Oct 2019

Widespread exploitation of vulnerable systems via Emotet malware

The ACSC is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments.

15 Oct 2019

Stay Smart Online Week - it's a wrap!

As Stay Smart Online Week comes to a close for another year, we wanted to take a moment to look back on the week.

08 Oct 2019

Protect yourself online – in your language

Check out our fact sheets translated into five languages.

07 Oct 2019

Reverse the threat of cybercrime – Stay Smart Online Week 2019

Take control of your online identity this Stay Smart Online Week

04 Oct 2019

Protect your business online this Stay Smart Online Week

Cybercriminals target businesses of all sizes, stealing business and customer information to commit identity theft, fraud and other crimes. The consequences of this can be devastating.

01 Oct 2019

Vulnerability in Pulse Connect Secure VPN Software

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of a working exploit for a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution software.

07 Sep 2019

ACSC confirms the public release of BlueKeep exploit

The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of the overnight release of a working exploit for the vulnerability known as BlueKeep (CVE-2019-0708). Australian businesses and users of older versions of Windows should update their systems as soon as practically possible, before hackers further refine their tools and tradecraft in order to fully utilise this exploit.

04 Sep 2019

Australian Government Information Security Manual updated

The Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC) has released updates to the Australian Government Information Security Manual (ISM) to help organisations set the strategic framework for protecting their systems and information from cyber threats.

29 Aug 2019

Electricity program generates a buzz

The ACSC has been actively working with energy sector organisations and government agencies to strengthen their resilience to cyber security threats.

28 Aug 2019

Largest survey to improve cyber security for Australia’s small businesses

It takes a team effort to make Australia the safest place to connect online, and this is one of the reasons why the ACSC is undertaking its largest-ever survey of small to medium-sized businesses in Australia.

12 Aug 2019

UPDATE: ACSC confirms potential exploitation of BlueKeep vulnerability

Thousands of Australian businesses using older Windows systems should immediately install a patch to avoid being compromised.

26 Jul 2019

Cyber security best-practice in mergers, acquisitions and MoG changes

The ACSC has developed tailored advice to help organisations manage the increased cyber security risks, including when data is being migrated from one system to another. Businesses undergoing major organisational change, whether it be through a merger, acquisition or Machinery of Government changes, are an attractive target for cyber criminals because of significant upheaval and disruption to the normal flow of business.

25 Jul 2019

Cyber defences tested in the ACSC and Splunk BOTS Day

The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.

23 Jul 2019

Business Email Compromise freight forwarding scam

The Australian Cyber Security Centre (ACSC) is warning small to medium sized businesses supplying IT and electrical products of a social engineered email scam requesting quotes on goods.

02 Jul 2019

Updates to the Essential Eight Maturity Model

Our latest update to the Essential Eight Maturity Model (the Maturity Model) provides technical guidance to help organisations improve their cyber security maturity.