Sorry, you need to enable JavaScript to visit this website.
Skip to main content

News

Fed up with Phishing?

Jul 1, 2018 - Would you 'click here' and enter your bank account or credit card numbers, passwords or birthdate because you received an email or text that looks like it's from a bank or government department? If you answered 'yes', there's no need to feel ashamed. Cyber criminals are tricking more and more of us into sharing our most sensitive information. It's the most common type of scam reported in Australia, according to the latest data.

Combat DNS infrastructure hijacking

Jul 1, 2018 - The Australian Cyber Security Centre (ACSC) is aware of a global Domain Name System (DNS) infrastructure hijacking campaign and urges organisations to protect their systems. 'We encourage administrators to follow best practices, including our Essential Eight mitigation strategies, to better safeguard their systems,' said Alastair MacGibbon, Head of the ACSC.

Expanded agreement on incident management arrangements

Jul 1, 2018 - The Council of Australian Governments has today agreed to expanded Cyber Incident Management Arrangements (CIMA), increasing national cyber defences through improved cooperation across jurisdictions. The CIMA outlines the inter-jurisdictional coordination arrangements and principles for Australian Governments’ cooperation in response to national cyber incidents.

2018 - Launching into action

Jul 1, 2018 - Working from new purpose-built headquarters after its official launch in August, the ACSC and its network of Joint Cyber Security Centres (JCSCs) across the country are building on decades of quiet success by Australian agencies. The ACSC, part of the Australian Signals Directorate (ASD), demonstrates the Australian Government's commitment to cyber security in a world where new threats are always emerging.
Data protection

PageUp data incident

Jun 18, 2018 - On Friday 1 June 2018 PageUp Limited, an online recruitment services organisation, notified their customers about a data incident in relation to the integrity of their systems proactively informing of a possible breach. PageUp self-identified suspicious activity on its network and undertook immediate actions to investigate and contain the incident. PageUp notified their corporate customers and the Australian Cyber Security Centre (ACSC) of the issue, enabling the ACSC to quickly assess the incident and support PageUp in their response. In line with the new Notifiable Data…
Browsealoud

ACSC statement on cryptocurrency miner inserted into BrowseAloud

Feb 12, 2018 - Main points The ACSC has become aware of an unauthorised cryptocurrency miner inserted in the BrowseAloud website plugin made by Texthelp. If organisations are using this plugin the ACSC advises your internal networks and websites are not at risk of compromise. Texthelp has released a statement advising that personal and customer data has not been accessed or lost. The security issue has been addressed by Texthelp and the BrowseAloud plugin has been temporarily taken offline, pending investigation. Recommendations
MSP Partner Program

MSP Global Hack

Feb 11, 2018 - Global hack of MSPs affects Australian organisations Cyber security compromises of managed service providers (MSPs) globally, including Australia, have been exposed. These compromises were a concerted campaign to steal commercial secrets from the customers of MSPs for commercial advantage.
Cisco logo

Exploitation of Critical Cisco ASA Vulnerability

Feb 10, 2018 - The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof of concept code is now available which results in a denial of service condition on targeted vulnerable devices. Cisco first released a security advisory on 29 January detailing the vulnerability and affected devices but has since identified additional attack vectors and released additional, more comprehensive patches.
Intel Meltdown and Spectre images

Update on processor vulnerabilities (Meltdown/Spectre)

Jan 29, 2018 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption. Intel has released an advisory recommending that users cease deployment of the current microcode update (Root Cause of Reboot Issue Identified).

ACSC and AISA seal partnership deal for a secure cyber future

Jan 29, 2018 - The Australian Cyber Security Centre (ACSC) and the Australian Information Security Association (AISA), Australia’s peak body for information security professionals, have joined forces to further strengthen Australia’s cyber security posture and achieve a cyber secure nation. Together the organisations will deliver a high impact program of events in 2019, including a bigger and better Australian Cyber Conference in Melbourne 7-9 October, replacing the ACSC Conference.