Sorry, you need to enable JavaScript to visit this website.
Skip to main content

News

Microsoft logo

UPDATE: ACSC confirms potential exploitation of BlueKeep vulnerability

Aug 12, 2019 - Thousands of Australian businesses using older Windows systems should immediately install a patch to avoid being compromised. The Australian Signals Directorate (ASD) is aware of malicious activity that indicates potential widespread abuse of the BlueKeep vulnerability known as CVE-2019-0708, affecting older versions of Windows operating systems including the Windows Vista, Windows 7, Windows XP, Server 2003 and Server 2008 operating systems.
desk people

Cyber security best-practice in mergers, acquisitions and MoG changes

Jul 26, 2019 - The ACSC has developed tailored advice to help organisations manage the increased cyber security risks, including when data is being migrated from one system to another. Businesses undergoing major organisational change, whether it be through a merger, acquisition or Machinery of Government changes, are an attractive target for cyber criminals because of significant upheaval and disruption to the normal flow of business.
Code on mobile and laptop

Cyber defences tested in the ACSC and Splunk BOTS Day

Jul 25, 2019 - The ACSC and Splunk Boss of the Security Operations Centre (BOTS) Day is underway today with up to 650 players participating across Australia and New Zealand. The region’s biggest capture-the-flag-style event tests the skills of cyber security professionals in our largest business, government and education organisations.
person at laptop

ACSC ADVISORY: Sextortion Campaign

Jul 24, 2019 - The ACSC is aware of a sextortion scam email campaign targeting the Australian community. The ACSC, Office of the eSafety Commissioner and Scamwatch have received over 300 reports this week. This scam may appear to originate from an individual’s own email address and threatens to release personal and sensitive information unless the scammer is paid money.
Email scam

Business Email Compromise freight forwarding scam

Jul 23, 2019 - The ACSC is warning small to medium sized businesses supplying IT and electrical products of a social engineered email scam requesting quotes on goods. A number of Australian businesses have been forced to close since the scam began due to the losses they have sustained. The amounts lost average between $30K and $100K with the largest to date being $170K. To date, the cyber criminals have yielded more than $700,000 through what has been termed freight forwarding scams.
Essential Eight

Updates to the Essential Eight Maturity Model

Jul 2, 2019 - Cyber criminal activity is constantly evolving so the advice of the ACSC constantly evolves, too. As the lead agency on cyber security, the ACSC assists organisations by adopting a risk management approach and providing expert advice that best meets their specific needs. It’s never one-size-fits-all. Our expert advice helps government protect their networks, staff and customers.
acsc-asean-2019

ACSC-ASEAN Strengthening Regional Cyber Security

Jul 1, 2019 - An international hacking exercise in Perth last week saw thirty top cyber security incident responders from ten Association of South East Asian Nations (ASEAN) compete with their Australian counterparts to further strengthen regional cyber defences and cooperation.
we want to hear from you. Cyber security survey for small business

ACSC Small Business Survey. Tell us about your cyber security challenges

Jun 17, 2019 - The ACSC Small Business Survey is being shared with a range of government and small business support groups around Australia, inviting members and stakeholders to participate. The survey is an opportunity to share the challenges small businesses face and to know what they’re worried about, so we can help businesses of all kinds manage risks and minimise harm.
Microsoft logo

Australian Cyber Security Centre advises Windows users across Australia to protect against BlueKeep

Jun 6, 2019 - The ACSC is aware of Microsoft’s recent disclosure of a remote desktop vulnerability called CVE-2019-0708, also known as BlueKeep. As an indication of just how significant the impacts of BlueKeep can be to their customers, Microsoft took the unusual step of publishing advice to warn of its ability to propagate or ‘worm’ through vulnerable computer systems, with no user interaction at all.
Canva logo

Canva users advised to change your password

May 25, 2019 - The ACSC is aware of a security incident affecting the Australian online design platform, Canva. Canva assures the ACSC it has taken the necessary steps to mitigate the incident and is encouraging all users to change their passwords as a precaution.