Sorry, you need to enable JavaScript to visit this website.
Skip to main content
Book image 3

Australian Government Information Security Manual (ISM)

Jun 17, 2019 - The Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD) produces the Australian Government Information Security Manual (ISM) . Purpose The ISM helps organisations use their risk management framework to protect information and systems from cyber threats. The cyber security guidelines within the ISM are based on the experience of the ACSC within ASD…

Travelling Overseas with Electronic Devices

Jun 12, 2019 - This publication provides guidance on strategies that individuals can take to secure the use of electronic devices that take with them when travelling overseas. . Travelling Overseas with Electronic Devices (June 2019) , Introduction The targeting of electronic devices used by personnel during overseas travel is a real and persistent threat. Electronic devices…

Microsoft Windows Security Vulnerability – ‘BlueKeep’ (CVE-2019-0708)

Jun 6, 2019 - Vulnerability The Australian Signals Directorate’s Australian Cyber Security Centre advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability. CVE-2019-0708, also known as ‘BlueKeep’ leaves users open to attack from malicious actors who can exploit a vulnerability via Remote Desktop Services (RDS) on legacy versions of the Windows…
man and woman looking worried at laptop

ACSC Advisory – 2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor

May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise. . Details Telerik offers…

Minimising the Threat from Java-based Intrusions

Apr 30, 2019 - Minimising the Threat from Java-based Intrusions (April 2019) First published 2014; Latest version April 2019 Introduction Java applications are widely deployed by organisations. As such, exploiting security vulnerabilities in the Java platform is particularly attractive to adversaries seeking unauthorised access to organisations’ networks..
Essential eight

Essential Eight to ISM Mapping

Apr 30, 2019 - This document provides a mapping between Maturity Level 3 of the Essential Eight Maturity Model and the security controls within the Australian Government Information Security Manual (ISM). This mapping represents the minimum security controls organisations must implement to meet the intent of the Essential Eight. .
Windows event viewer icon

Windows Event Logging and Forwarding

Apr 30, 2019 - This publication provides guidance on the configuration of Windows Event Logging and Forwarding functionality to support the detection and remediation of cyber security incidents. .
Feature - mobile security

What Executives Should Know About Cyber Security

Apr 30, 2019 - This publication discusses high-level topics that executives should know about cyber security within their organisations. .

Using Virtual Private Networks

Apr 30, 2019 - This publication provides guidance on how to securely configure the use of Virtual Private Networks between geographically-separated office buildings (site-to-site VPNs) and in support of remote workers (remote access VPNs). .

Using Remote Desktop Clients

Apr 30, 2019 - This publication provides guidance on how to secure the use of remote desktop clients for individuals working remotely or from home. .