You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 91 - 120 of 670 results.
Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component Alert
Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.
Remote access to operational technology environments Publication
Mar 28, 2023 - Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cybersecurity defences for operational technology environments (OTE) is not a decision that should be taken lightly.
Critical remote code execution vulnerability found in the Log4j library Alert
Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.
TMUI remote code execution vulnerability - CVE-2020-5902 Alert
Jul 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability.
Protect yourself from remote access scams Advisory
Nov 4, 2020 - NEVER provide your personal and financial details or give a stranger remote access to your device or computer – simply hang up.
Remote code execution vulnerability present in vm2 sandbox Alert
Oct 11, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a remote code execution vulnerability in vm2 sandbox versions prior to 3.9.11. Affected Australian organisations should apply the available patch immediately.
Remote Code Execution Vulnerability In Cisco Unified Communications Products Alert
Jan 26, 2024 - ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253). Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.
Remote Code Execution Vulnerability In Confluence Data Center and Confluence Server Alert
Jan 17, 2024 - ASD’s ACSC is aware of a vulnerability in Confluence Data Center and Confluence Server (CVE-2023-22527). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
Zoho ManageEngine ServiceDesk Plus & Desktop Central remote code execution vulnerabilities Alert
Dec 8, 2021 - Vulnerabilities have been identified in certain versions of Zoho ManageEngine ServiceDesk Plus and Desktop Central product suites. Australian organisations using vulnerable Zoho ManageEngine products should apply the available patch.
Cyber threat actors compromising networks of major global telecommunications providers News
Dec 4, 2024 - New guidance is available for network defenders of communications infrastructure to strengthen visibility and harden devices against PRC-affiliated and other malicious cyber actors.
Ad Noctem Connect 1.0
Jul 23, 2024 - Ad Noctem Connect 1.0
Remote code execution vulnerability present in certain versions of Atlassian Confluence Alert
Sep 1, 2021 - A vulnerability exists in certain self-hosted versions of Atlassian Confluence which could allow a malicious cyber actor to execute arbitrary code. Affected organisations should apply the available patch to mitigate this vulnerability.
2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0 Advisory
Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.
Remote code execution vulnerability present in Open Management Infrastructure, affects certain Microsoft Azure services Alert
Sep 16, 2021 - A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.
COVID-19 Malicious Scams - Threat Awareness and Guidance Advisory
Mar 27, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.
Security configuration guide: Samsung Galaxy S10, S20 and Note 20 devices Publication
Oct 6, 2021 - ASD has developed this guide to assist Australian’s to understand risks when deploying Samsung Galaxy and Samsung Note devices and the security requirements that need to be met to allow them to handle classified data.
2020-013 Ransomware targeting Australian aged care and healthcare sectors Advisory
Aug 2, 2020 - Recently there has been a significant increase in healthcare or COVID-19 themed malicious cyber activity, including targeting of the aged care and healthcare sectors by financially motivated cyber criminals using the ‘Maze’ ransomware.
Recognise and report scams
Feb 1, 2023 - Scams are a common way that cybercriminals compromise accounts. Being alert to scam messages is a great way to protect yourself online.
Update your devices
Jan 25, 2023 - Updates are new, improved, or fixed versions of software. Regular updates are critical in maintaining a secure system. It's important to check for any updates and make sure that automatic updates are switched on.
Turn on multi-factor authentication
Nov 9, 2022 - Protect your important accounts with extra login steps.
Set up and perform regular backups
Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.
Sustained targeting of the health sector Alert
Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.
Set secure passphrases
Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence.
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations Advisory
Sep 19, 2024 - Cyber actors may have used botnet to compromise thousands of Internet-connected devices.
BADBAZAAR and MOONSHINE: Technical analysis and mitigations Advisory
Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.
ISM OSCAL v2024.10.4
Oct 4, 2024 - ISM OSCAL v2024.10.4 - based on the October patch release of the September 2024 Information Security Manual (ISM) and OSCAL version 1.1.2. A patch release that supersedes v2024.09.26.
Security tips for travelling Guidance
Jul 29, 2024 - Learn how to stay secure while travelling with personal devices.
Russian GRU targeting Western logistics entities and technology companies Advisory
May 22, 2025 - This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.
2022-02: Australian organisations should urgently adopt an enhanced cyber security posture Advisory
Apr 28, 2022 - Entities should follow ACSC advice and act on improving their resilience within a heightened threat environment.
Resources library
Jun 18, 2025 - Resources for individuals, families and small businesses
