Search

Processors can be exploited by Meltdown and Spectre vulnerabilities   Alert

Jan 29, 2020 - Security researchers have developed methods involving speculative execution to read kernel memory from user space on a variety of processors from a range of vendors produced in the last decade. These methods have been referred to as Meltdown and Spectre.

Active exploitation of vulnerable MobileIron products   Alert

Sep 18, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of vulnerabilities in multiple MobileIron products by malicious cyber actors, including sophisticated state-based actors.

Joint Cybersecurity Guide to increase cyber security of products globally   News

Apr 14, 2023 - This guide provides a roadmap for technology manufacturers to ensure security of their products.

Mandatory Incident Reporting   News

Apr 11, 2022 - New measures to enhance the cyber security of Australia’s critical infrastructure.

Hunting Russian Intelligence “Snake” Malware - Joint Cybersecurity Advisory   News

May 10, 2023 - Today we released a Joint Cybersecurity Advisory with our international partners on the Snake implant. The Snake implant is a sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service for long-term intelligence collection on sensitive targets.

Vulnerability Disclosure Program   News

Nov 23, 2022 - New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.

Cyber Incident Management Arrangements for Australian Governments   News

Dec 18, 2018 - Australia’s Cyber Incident Management Arrangements (CIMA) outlines the inter-jurisdictional coordination arrangements and principles for Australian governments’ cooperation in response to national cyber incidents.

Increased Global Ransomware Threats   Alert

Feb 10, 2022 - In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.

Critical vulnerability in ConnectWise’s ScreenConnect   Alert

Feb 25, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre ( ASD’s ACSC) is aware of a critical vulnerability affecting ConnectWise’s ScreenConnect. Customers should update to the patched version immediately.

Artificial intelligence and machine learning pose new cyber security risks to supply chains   News

Oct 16, 2025 - New publication for organisations on the importance of AI and ML supply chain security.

New guidance to help fortify Australia’s critical infrastructure   News

Oct 13, 2025 - Australian CI is, and will continue to be, an attractive target for state-sponsored cyber actors. Read the CI Fortify publication to learn two actions CI operators can take to strengthen their resilience in preparation for instances of crisis or service disruption.

Alerts   Hub item

National cyber security exercises for Australia’s electricity industry   News

Apr 30, 2020 - In November 2019, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies.

A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity   Publication

Sep 4, 2025 - This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community.

Building cyber capability and resilience across the Asia Pacific region   News

Nov 6, 2025 - Working together to engage with international partners to drive cyber security uplift and cyber threat awareness.

2021-009: Malicious actors deploying Gootkit Loader on Australian Networks   Advisory

Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.

Head of ACSC talks cyber security with Natarsha Belling in podcast special   News

Nov 29, 2021 - Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.