Search

Sustained targeting of the health sector   Alert

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.

Multiple high severity vulnerabilities discovered in the Exim mail server   Alert

May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released   Alert

Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).

Defending against the malicious use of the Tor network   Publication

Oct 6, 2021 - The Tor network is a system that conceals a user’s IP address. It allows anonymous – and often malicious – communication. This guidance shares advice on how to detect and prevent traffic from the Tor network.

Antivirus software   Guidance

Apr 11, 2023 - The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.

Australia’s second ever cyber sanction imposed   News

May 8, 2024 - Today the Australian Government, along with our international partners, has imposed a targeted financial sanction and travel ban on Russian citizen Dmitriy Khoroshev, for his leadership role in the notorious LockBit ransomware group.

Use of Log4j vulnerabilities in ransomware activity   Alert

Dec 23, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) expects an increase in ransomware activity using Log4j as an exploit vector. Malicious actors may take advantage of trivial exploits to impact Australian organisations.

Google Releases Security Updates for Chrome Browser   Alert

Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.

Protect yourself from ransomware   Guidance

Feb 12, 2025 - A ransomware attack could block you from accessing your device or the information on it. Take some time to consider how a ransomware attack might affect you.

SonicWall devices targeted with ransomware utilising stolen credentials   Alert

Aug 3, 2021 - SonicWall devices are being targeted by a malicious cyber actor as targets for ransomware. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of likely related activity targeting Australian organisations.

Vulnerability in Progress Kemp products   Alert

Feb 22, 2024 - ASD’s ACSC is aware of a vulnerability (CVE-2024-1212) that affects all Progress Kemp LoadMaster releases after 7.2.48.1. Organisations are strongly encouraged to take immediate action to patch relevant systems.

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

Remote Code Execution Vulnerability In Cisco Unified Communications Products   Alert

Jan 26, 2024 - ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253).

Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.

Multiple Vulnerabilities in Atlassian Confluence Data Center and Server   Alert

Nov 1, 2023 - ASD’s ACSC has received information on multiple vulnerabilities in Atlassian’s Confluence Data Center and Server (CVE-2023-22515 & CVE-2023-22518). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.

Back to school with cyber secure devices   News

Feb 4, 2022 - As children return to school, Australian parents are urged to make devices like mobile phones and laptop computers more cyber secure and to teach their children about cyber security, with 2022 set to be another year of hybrid learning for most families.

Secure your mobile phone   Guidance

Nov 12, 2024 - The security of your mobile phone can be as crucial as your computer. Follow these steps to protect your phone or tablet from cybercriminals.

Report and recover from business email compromise   Guidance

Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.

Critical vulnerability discovered in HTTP.SYS in Microsoft Windows   Alert

May 13, 2021 - A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Email security  

Jul 29, 2024 - Protect yourself, your employees and business from an email security incident before it's too late.

Microsoft Releases Security Updates for Microsoft Edge Browser   Alert

Jun 30, 2021 - On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.

Cybersecurity terminology   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.

Critical infrastructure  

Jul 22, 2024 - Technical advice and non-regulatory guidance for critical infrastructure.

Vulnerability in Fortinet’s FortiManager   Alert

Oct 24, 2024 - The ASD’s ACSC is aware of a vulnerability affecting all versions of Fortinet's FortiManager device that enables an unauthorised actor access to the FortiManager console (CVE-2024-47575). FortiManager devices provide centralised management of Fortinet devices from a single console.

Traffic Light Protocol (TLP)   Publication

The Traffic Light Protocol is a set of Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) designations used to ensure that information is shared with the correct audience.

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services   Advisory

May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Are you protected against ‘fast flux’?   News

Apr 4, 2025 - Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.

"Bulletproof" hosting providers are not so bulletproof   News

Jan 22, 2025 - Many cybercriminals rely on Bulletproof Hosting (BPH) providers to carry out their unlawful activities. Read our new publication to find out more about the role that BPH providers play in the cybercrime ecosystem.

Essential Eight maturity model and ISM mapping   Publication

Oct 2, 2024 - This publication provides a mapping between the Essential Eight and the controls within the Information security manual (ISM).

Security tips for social media and messaging apps   Publication

Jul 14, 2022 - It's a great way to stay in touch and share content online. This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.

Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices   Alert

Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.