You can view all our news from this page. Use the filters below to filter by audience type, title and summary and the sort options to sort for the most recently updated or published content.
03 Apr 2019
Subject - Urgent payroll request
Cyber criminals are trying to commit payroll fraud by sending fake emails requesting a change to your bank details.
30 Mar 2019
Fake Paypal emails request ‘account details’
The ACSC is aware of malicious emails that are falsely advising Australians that their account has violated Paypal rules. These phishing emails try to lure the recipient into sharing personal information which could then be used for identity theft and financial gain by cyber criminals.
26 Mar 2019
Plug in to ACSC for cyber resilience
The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.
Keeping up with the updates
The ACSC advises users of Drupal and Firefox to implement the latest fixes for vulnerabilities.
21 Mar 2019
Norwegian aluminium giant hit by ransomware
Norsk Hydro, a Norwegian aluminium and renewable energy company, was subject to a ransomware attack on Tuesday, 19 March 2019.
WordPress 5.1.1 security update
The Australian Cyber Security Centre advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected.
20 Mar 2019
Fake CIA emails requesting Bitcoin or arrest
The ACSC is aware of malicious emails claiming to be from the US Central Intelligence Agency (CIA) that are being received by Australians.
15 Mar 2019
Implementing the Essential Eight for MSPs
Following the global compromise of managed service providers or MSPs, the Australian Cyber Security Centre (ACSC) is calling on Australian businesses and individuals to be proactive in implementing better cyber security practices.
14 Mar 2019
A wave of fake social media accounts
Recently, the Australian Cyber Security Centre (ACSC) discovered multiple fake twitter accounts pretending to be affiliated with an Australian company. The accounts featured similar branding and messaging using fake identities and contact details, creating possible confusion for users looking for support.
08 Mar 2019
Google Chrome security update
The ACSC advises Google Chrome users to update their browser in order to patch a known vulnerability.
Women in cyber security: Kylie McDevitt
Network engineering, common sense and top-grade resilience have propelled Kylie McDevitt into her role in the heart of cyber security in Australia’s capital.
22 Feb 2019
ACSC detects malicious activity targeting political party networks
ACSC identifies that during the recent Australian Parliament House Network investigation, a sophisticated state actor was also revealed to have undertaken malicious activities on Australian political party networks including The Nationals, Labor and Liberal.
20 Feb 2019
GPS week roll over 6 April
On 6 April, the GPS week counter rolls over and resets to zero. This change may affect industrial control systems and critical infrastructure owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers.
07 Feb 2019
Get serious about protecting commercial secrets
The ACSC urges organisations to step up efforts to protect themselves from cyber criminals, after the December quarter Notifiable Data Breaches Quarterly Statistics Report revealed an increase in reported malicious or criminal activity.
05 Feb 2019
ACSC celebrates Safer Internet Day
Today marks Safer Internet Day (SID), and the Australian Cyber Security Centre (ACSC) is a proud partner in supporting this year's theme -- 'Together for a better internet'.
01 Feb 2019
Scammers claiming to be from ICT service desks targeting user multi-factor authentication
The Australian Cyber Security Centre (ACSC) is aware of a phone scam asking staff members of a critical infrastructure organisation to reveal their multifactor authentication credentials.
24 Jan 2019
ACSC certifies Amazon Web Services to host protected data
The Australian Cyber Security Centre (ACSC) has certified Amazon Web Services (AWS) for hosting Australian Government data classified up to the PROTECTED classification level, providing assurance to Australian Government agencies that AWS complies with Australian Government security requirements.
23 Jan 2019
Get smarter with passwords
Whether you’re an individual or part of an organisation, the data dump of billions of stolen passwords and email addresses is a reminder to take action to protect yourself and your information.
18 Jan 2019
Has the global MSP hack affected your business?
The global hack of ICT managed service providers (MSPs) has affected businesses across Australia and the world.
14 Jan 2019
Don't get burned by email scams this summer
At this time of the year, Australia sees its fair share of extreme weather events. These events can take place unexpectedly, leaving Australians little time to consider the possibility of being the target of cybercrime with Cybercriminals eager to take advantage of these stressful situations, pursuing individuals and businesses when they least expect.
09 Jan 2019
Phishing email scam – tender invitation
The ACSC is aware of phishing emails allegedly from the Department of Infrastructure, Regional Development and Cities, inviting the recipient to respond to a tender invitation. This email is a scam, and the fake tender document attached contains malicious links that seek to steal your personal information.
"Whatsapp Gold" is a hoax
The Australian Cyber Security Centre is aware that messages are circulating on Whatsapp that attempt to lure people into using a ‘gold’ version of the app.
08 Jan 2019
ACSC adds Rackspace DHE to Certified Cloud Services List
The Australian Cyber Security Centre has added the Rackspace Dedicated Hosting Environment (DHE) to the Certified Cloud Services List (CCSL) for unclassified workloads, increasing the options available to Australian Government agencies.
07 Jan 2019
ACSC-ASEAN Strengthening Regional Cyber Security
An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
29 Dec 2018
ACSC counters threat to web hosting providers
The extensive compromise of multiple web hosting providers and mitigation measures have been detailed in a report released today by the Australian Cyber Security Centre (ACSC). The findings of the ACSC investigation, Operation Manic Menagerie, show that eight Australian web hosting providers were compromised, allowing a malicious actor access to customer websites.
21 Dec 2018
ACSC advice for MSPs
The Australian Cyber Security Centre (ACSC) is providing assistance to ICT managed service providers (MSPs) in the wake of the global cyber security compromise confirmed by the Australian Government.
Alastair MacGibbon, Head of the ACSC and National Cyber Security Adviser, warns that complacency must be avoided in the boardrooms across Australia in light of the recent global cyber security compromise. The ACSC provides assistance and guidance to ICT Managed Service Providers (MSPs) with regards to securing their network effectively.
National Cyber Security Adviser urges end to complacency after global theft of commercial secrets
The ACSC is providing assistance to ICT managed service providers (MSPs) in the wake of the global cyber security compromise confirmed by the Australian Government.
Microsoft warns of Internet Explorer vulnerability
Microsoft has released a security update for Internet Explorer after receiving a report from Google about a new vulnerability that is being used in targeted attacks.
18 Dec 2018
Cyber Incident Management Arrangements for Australian Governments
Australia’s Cyber Incident Management Arrangements (CIMA) outlines the inter-jurisdictional coordination arrangements and principles for Australian governments’ cooperation in response to national cyber incidents.
14 Dec 2018
Facebook warns 6.8 million users about photo bug
Up to 6.8 million people who uploaded their photos to Facebook may have shared more than they intended to because of an application program interface (API) bug.
Bomb threat email scam targeting Australians
The Australian Cyber Security Centre (ACSC) is aware of bomb threat emails being received by Australians.
13 Dec 2018
ACSC adds Google Cloud Platform to CCSL
The Australian Cyber Security Centre (ACSC) has added Google Cloud Platform to the Certified Cloud Services List (CCSL) for unclassified workloads, increasing the options available to Australian Government agencies.
06 Dec 2018
Adobe urges users to patch Flash Player
Adobe has released security updates for its widely used Flash Player app to help users defend themselves against the latest malware.
Users who fail to update their Flash Player app could be vulnerable to cyber criminals, who could use it as an opportunity to access data, programs, individual computers or networks.
04 Dec 2018
Inspiring a new generation
Australia’s best young cyber stars have been recognised in the Cyber Security Challenge Australia (CySCA), the nation’s flagship hacking competition for tertiary students. ASD and industry partners run the challenge to address the critical cyber security skills shortage by encouraging young Australians to pursue a career in the field.
New approach to support cyber security
The updated Australian Government Information Security Manual (ISM) has been released by the Australian Cyber Security Centre.
01 Dec 2018
Marriott, Starwood hit by security incident
The Marriott Group have released a statement regarding a significant data security incident involving their Starwood Guest Reservation database. An investigation undertaken by Marriott in September 2018 determined that there had been unauthorised access to the database, which contained guest information relating to reservations at Starwood properties since 2014.
29 Nov 2018
Medicare and Australia Post SMS scam
You may have seen news reports yesterday of an active phishing campaign via SMS, pretending to be from either Medicare or Australia Post. The messages claim that you have a rebate owed or a competition opportunity and asks you to click through to a website and provide your personal details.
23 Nov 2018
Adelaide JCSC officially opens
Defence Minister officially opens th Adelaide Joint Cyber Security Centre (JCSC), as part of the Government’s $47 million commitment to collaborative cyber security solutions under the 2016 Cyber Security Strategy.
12 Nov 2018
We all have a stake in cyber security
Australia’s banks, insurers and superannuation funds are an attractive target for cyber criminals, so all financial institutions must be able to handle cyber risks and regularly test their own defences.
06 Nov 2018
The ACSC is updating partner contact information
The Australian Cyber Security Centre (ACSC) is currently in the process of updating its contact list for our partners.
01 Nov 2018
Women in security, "You can't be what you can't see"
'A masterclass in national security' is how many participants have described the Women in National Security Conference hosted by the Australian National University's National Security College in Canberra last week.
30 Oct 2018
Australia maintains a key role in international cyber security community
Australia continues to play a leading role in the region’s largest cyber security community with the Australian Cyber Security Centre re-elected as Chair of the Asia-Pacific Computer Emergency Response Team (APCERT) Steering Committee in Shanghai on 23 October 2018.
Beware of phishing after Cathay Pacific data theft
Cathy Pacific advises of a recent successful attempt to access customer data from their subsidiary company, Hong Kong Dragon Airlines Limited. They warn of the need for people to be vigilant and protective of their personal or financial data in light of recent fraudulent phishing campaigns.
24 Oct 2018
What's up with WhatsApp?
Popular messaging app WhatsApp has more than a billion users, which makes it a popular hunting ground for cyber criminals and misinformation merchants alike. The company is testing new limits on the number of people to whom private WhatsApp messages can be forwarded.
16 Oct 2018
UK NCSC releases second Annual Review
The United Kingdom's National Cyber Security Centre (NCSC) has published its second Annual Review, highlighting the sustained threat to the UK from hostile state actors and cyber criminals.
15 Oct 2018
Investigations continue into Facebook security issue
The ACSC is aware of a security issue affecting 50 million Facebook user accounts whereby a flaw in the 'View As' feature allowed attackers to steal Facebook access tokens, which could be used to take over user's accounts. Access tokens are the equivalent of digital keys that allow users to remain logged into Facebook.
12 Oct 2018
Business email compromise, a fast growing scam
The Melbourne Joint Cyber Security Centre (JCSC) hosted a two-hour seminar yesterday on Business Email Compromises (BECs), which many cyber security experts consider to be the major current cybercrime threat to business. The seminar provided information to small and medium business representatives, as these sectors are particularly targeted by cybercriminals who are perpetrating BECs.
Report reveals common categories of hacking tools
A report by international cyber security authorities highlights the use of five publicly available hacking tools and techniques, observed in recent cyber incidents around the world.
11 Oct 2018
A curious mind - CYSCA 2018
Australia's flagship national cyber security challenge wrapped up in Melbourne yesterday after a record number of Australian tertiary students battled to reverse real-world cyber threats around Australia.
09 Oct 2018
Reversing the threat of cyber crime together
In a show of strength to reverse the threat of cybercrime for all Australians, members of the business, government and cyber security community gathered for national Stay Smart Online Week 2018 in Melbourne today to share information about the latest challenges in cyber security in Australia and confirm their commitment to supporting a cyber-aware community.
Australian Cyber Security Hotline
1300 CYBER1(1300 292 371)