Sorry, you need to enable JavaScript to visit this website.
Skip to main content
Strong password artwork

Easy steps to secure your online information

Apr 29, 2019 - The Australian Cyber Security Centre (ACSC) has developed an Easy Steps Guide to help Australians protect themselves from cyber criminals. Lottery and grant scams, identity theft, investment scams, hacking, phishing, dating and romance scams, online abuse and sextortion are just some of the threats people face. Our Easy Steps Guide shows how you can better protect yourself from these threats and secure your accounts and…
Software update

You need to patch to protect your business online

May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses. The ACSC believes these compromises are part of ongoing campaigns to exploit cybersecurity…

Bring Your Own Device for Executives

May 17, 2019 - This publication provides high-level guidance for executives on the use of personal electronic devices within their organisations. First published 2012; Latest version April 2019 . Bring Your Own Device for Executives (April 2019) , Introduction Bring Your Own Device (BYOD) scenarios enable organisations to take advantage of new technologies faster. It also has…

Assessing Security Vulnerabilities and Applying Patches

May 17, 2019 - Applying patches to operating systems, applications and devices is critical to ensuring the security of systems. As such, patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents. . Assessing Security Vulnerabilities and Applying Patches , Introduction Applying patches to operating systems, applications and devices is…

Cyber Security for Contractors

May 17, 2019 - This publication provides guidance for contractors in securing Australian Government information that they have been entrusted with. First published 2012; Latest version April 2019 . Cyber Security for Contractors (April 2019) , Introduction Adversaries regularly target Australian Government information held by contractors, both classified and unclassified, in…

Cloud Computing Security for Cloud Service Providers

May 17, 2019 - This publication discusses the risks associated with cloud computing and provides guidance on suitable mitigation strategies. This publication is specifically tailored for cloud service providers. First published 2014; Latest version April 2019 . Cloud Computing Security for Cloud Service Providers (April 2019) , Introduction This document is designed to…

Drive-by Downloads

May 17, 2019 - This publication discusses how drive-by download intrusions work and provides guidance to mitigate these intrusion techniques. First published 2012; Latest version April 2019 . Drive-by Downloads (April 2019) , Introduction Adversaries are increasingly using drive‐by download techniques to deliver malicious software that compromises computers. This document…

Cloud Computing Security Considerations

May 17, 2019 - This publication discusses the risks associated with cloud computing and provides guidance on suitable mitigation strategies. First published April 2011; Latest version April 2019  . Cloud Computing Security Considerations (April 2019) , Note: Detailed Cloud Computing Security advice is available. , Introduction Cloud computing…

Data Spill Management Guide

May 17, 2019 - This publication provides guidance for managing data spills within an organisation. First published 2012; Lastest version April 2019 . Data Spill Management Guide (April 2019) , Introduction A data spill is the accidental or deliberate exposure of information into an uncontrolled or unauthorised environment, or to persons without a need-to-know. A data spill is…
man and woman looking worried at laptop

ACSC Advisory – 2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor

May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise. . Details Telerik offers…