Search

VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972)   Alert

Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.

Junos OS 22.4R2 for MX304, EX4100-48MP, EX4100-24MP, EX4100-24P, EX4100-24T, EX4100-48P, EX4100-48T  

May 11, 2023 - Juniper 22.4R2

Juniper SRX4700, SRX4120 and SRX2300 for Junos OS 25.2R1  

Oct 3, 2025 - Juniper SRX4700, SRX4120 and SRX2300 for Junos OS 25.2R1

ISM OSCAL v2024.12.19  

Dec 18, 2024 - ISM OSCAL v2024.12.19 - based on December 2024 Information Security Manual (ISM) and OSCAL version 1.1.2.

ISM OSCAL v2022.09.14  

ISM OSCAL v2022.09.14 - based on June 2022 Information Security Manual (ISM) and OSCAL version 1.0.4.

ISM OSCAL v2022.09.15  

ISM OSCAL v2022.09.15 - based on September 2022 Information Security Manual (ISM) and OSCAL version 1.0.4.

Annual Cyber Threat Report 2024-2025   Reports and statistics

Oct 14, 2025 - ASD’s Annual Cyber Threat Report 2024–25 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

Threat update: COVID-19 malicious cyber activity 20 April 2020   Advisory

Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.

Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors   Advisory

May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.

ASD Cyber Threat Report 2022-2023   Reports and statistics

Nov 14, 2023 - The ASD's Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online

ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022   Reports and statistics

Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.

Annual Cyber Threat Report 2023-2024   Reports and statistics

Nov 20, 2024 - ASD’s Annual Cyber Threat Report 2023–24 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

RackTop SHIELD v1.0  

Nov 27, 2025 - RackTop SHIELD v1.0

RackTop SPEAR v1.0  

Nov 27, 2025 - RackTop SPEAR v1.0

Australian Signals Directorate releases the Annual Cyber Threat Report 2024-25   News

Oct 14, 2025 - The Annual Cyber Threat Report 2024-25 provides an overview of the key cyber threats impacting Australia, how ASD's ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability   Advisory

Nov 29, 2023 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

Best practices for event logging and threat detection   Publication

Aug 22, 2024 - This publication defines a baseline for event logging best practices to mitigate cyber threats.

2021-010: ASD's ACSC Ransomware Profile - Conti   Advisory

Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.

Fast Flux: A national security threat   Advisory

Apr 4, 2025 - This advisory is for network defenders and explains how Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection. It highlights the importance of using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux.