You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 601 - 630 of 669 results.
Critical vulnerability in ConnectWise’s ScreenConnect Alert
Feb 25, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre ( ASD’s ACSC) is aware of a critical vulnerability affecting ConnectWise’s ScreenConnect. Customers should update to the patched version immediately.
Ivanti Sentry Authentication Bypass Vulnerability Alert
Aug 22, 2023 - An authentication bypass vulnerability (CVE-2023-38035) has been identified that allows unauthorised access to sensitive APIs which can be used to set configuration parameters on the administrator portal (MICS).
Critical vulnerabilities in GitLab Products Alert
Jan 15, 2024 - The Australian Signals Directorate’s (ASD's) Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting GitLab Community Edition (CE) and Enterprise Edition (EE). Customers should update to a patched version immediately and enable multi-factor authentication for all GitLab accounts.
Important Vulnerabilities in Microsoft’s August 2023 Security Update Alert
Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.
Multiple key vulnerabilities identified in Microsoft products Alert
Oct 13, 2021 - Multiple key vulnerabilities were identified in Microsoft’s 12 October 2021 patch release. While all vulnerabilities addressed in this release are important to mitigate the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) wishes to highlight several vulnerabilities for priority consideration.
Widespread exposure of vulnerability in cPanel Alert
May 9, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting cPanel and cPanel managed websites. All Australian organisations should apply the available patches, and ensure staff are informed of the risks against their systems when clicking suspicious links.
Multiple Vulnerabilities in Atlassian Confluence Data Center and Server Alert
Nov 1, 2023 - ASD’s ACSC has received information on multiple vulnerabilities in Atlassian’s Confluence Data Center and Server (CVE-2023-22515 & CVE-2023-22518). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
Conti ransomware incidents in Australia Alert
Dec 10, 2021 - Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.
Critical vulnerability identified in Apple iOS and macOS Alert
Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.
Critical severity vulnerability in Fortinet FortiOS SSL-VPN Alert
Dec 13, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a heap-based buffer overflow vulnerability in FortiOS SSL-VPN. All Australian organisations should apply the available patch immediately.
Critical vulnerability present in SAP Internet Communication Manager Alert
Feb 11, 2022 - A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.
Exploitation of Microsoft Office vulnerability: Follina Alert
Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.
Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices Alert
Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.
Potential Accellion File Transfer Appliance compromise Alert
Feb 25, 2021 - The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.
Use of Log4j vulnerabilities in ransomware activity Alert
Dec 23, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) expects an increase in ransomware activity using Log4j as an exploit vector. Malicious actors may take advantage of trivial exploits to impact Australian organisations.
Small business cloud security guides
Apr 2, 2024 - ASD's ACSC has released a series of guides designed to help small businesses secure their cloud environment.
Small business cloud security guides: Introduction Publication
Dec 16, 2022 - Securing your business can be a complex task. Among the numerous security priorities and configuration options, it can be difficult to know where to begin. These guides adapt ASD's ACSC’s Essential Eight mitigation strategies and outline an example of how each can be implemented to secure Microsoft 365 capabilities. The technical examples are designed to offer significant protection against cybersecurity incidents while remaining accessible to organisations with limited resources and cybersecurity expertise.
Traffic Light Protocol (TLP) Publication
The Traffic Light Protocol is a set of Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) designations used to ensure that information is shared with the correct audience.
Critical vulnerability discovered in HTTP.SYS in Microsoft Windows Alert
May 13, 2021 - A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.
Multiple high severity vulnerabilities discovered in the Exim mail server Alert
May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.
Essential Eight maturity model Publication
Nov 27, 2023 - This publication provides advice on how to implement the Essential Eight.
ລາວ (Lao) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Lao.
မြန်မာ (Burmese) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Burmese.
ភាសាខ្មែរ (Khmer) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Khmer.
Translated information
Apr 4, 2024 - We have developed easy-to-follow cybersecurity information and resources to support people from non-English speaking backgrounds to be more cyber secure.
JCSC virtual presentations on Log4j2 vulnerability – Friday 17 December News
Dec 16, 2021 - A critical alert and advisory has been published on the Log4j2 vulnerability. On Friday 17 December 2021, ASD's ACSC’s Joint Cyber Security Centres (JCSCs) will facilitate a series of virtual awareness and advice sessions about this vulnerability. Australians are urged to act now to secure their computer systems against this critical software vulnerability.
Joint advisory on top cyber vulnerabilities News
Jul 28, 2021 - The top 30 cyber security vulnerabilities exploited by malicious cyber actors since 2020 have been detailed in a joint advisory issued by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and counterpart cyber security agencies from the United States and the United Kingdom.
Cloud assessment and authorisation FAQ Publication
Jan 18, 2024 - This publication provides answers to frequently asked questions on the Australian Signals Directorate (ASD)’s assessment and authorisation framework for cloud service providers (CSPs) and their cloud services.
Managing the risks of legacy IT: Executive guidance Publication
Jun 12, 2024 - This publication provides high-level and strategic guidance for an organisation’s executive seeking to manage the risks of legacy IT.
Bring Your Own Device for executives Publication
Oct 6, 2021 - Bring Your Own Device (BYOD) scenarios enable organisations to take advantage of new technologies faster. It also has the potential to reduce hardware costs and improve organisational productivity and flexibility. However, BYOD also introduces new risks to an organisation’s business and the security of its information, which need to be carefully considered before implementation.
