Fundamentals of Cross Domain Solutions
This guidance introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains. It explains the purpose of a Cross Domain Solution (CDS) and promotes a data-centric approach to a CDS system implementation based on architectural principles and risk management. This guidance also covers a broad range of fundamental concepts relating to a CDS, which should be accessible to readers who have some familiarity with the field of cyber security. Organisations with complex information sharing requirements are encouraged to refer to this guidance in the planning, analysis, design and implementation of CDS systems.
Advanced Persistent Threat (APT) actors targeting Australian health sector organisations and COVID-19 essential services
The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware that Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities.
Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks
This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Cyber Security Centre’s (ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.
Strategies to Mitigate Cyber Security Incidents – Mitigation Details
The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to help cyber security professionals in all organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors
This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Become an ACSC partner
The ACSC Partnership Program is open to industry, the research community and government agencies.
Advisory 2020-017: Resumption of Emotet malware campaign
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.
Advisory 2020-009: Recommendations to mitigate APT actors targeting health sector and COVID-19 essential services
The ACSC recommends that organisations in the health sector implement the following cyber security mitigations:
Become an ACSC Government Partner
Advisory 2020-016: "Zerologon" - Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
The ACSC recommends organisations immediately patch affected Microsoft Windows systems with the Microsoft August 2020 Security Updates, released 11/08/2020.
ACSC Advisory 2019-125: Targeting of Microsoft SharePoint CVE-2019-0604
This ACSC advisory provides recommendations for securing Microsoft SharePoint and advice on identifying potential successful exploitation of this vulnerability.
Summary of Tactics, Techniques and Procedures Used to Target Australian Networks
This advisory provides information on methods to detect many of the TTPs listed. Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs.
Page not found
Page not found for error 404
View all content
This page outlines all of the content types on the site so you can navigate and filter on content
Anatomy of a Cloud Assessment and Authorisation
The Anatomy of a Cloud Assessment and Authorisation is co-designed with industry to support the secure adoption of cloud services across government and industry.
Web shell malware
Malicious web shells are a type of software uploaded to a compromised web server to enable remote access by an attacker. While web shells may be benign, their use by cyber adversaries is becoming more frequent due to the increasing use of web-facing services by organisations across the world.
Unacceptable malicious cyber activity
As Australians and the international community band together to respond to COVID-19, the Australian Government is concerned that malicious cyber actors are seeking to exploit the pandemic for their own gain.
View all content - Large organisations and infrastructure
This page lists all the content types for the large organisations and infrastructure audience
View all content - Individuals and families
This page lists all of the content for the individuals and families audience group
View all content - Small and medium businesses
This page lists all the content types for small and medium businesses audience
View all content - Government
This page lists all of the content tagged for a government audience
ACSC program enters its next phase through JCSCs
The ACSC Partnership Program is increasingly bringing industry, academia, law enforcement and government agencies together in collaborative work spaces, enabling information-sharing and network-hardening across the economy. This is being enabled through the network of Joint Cyber Security Centres (JCSCs) around Australia.
Register for products and services - small and medium businesses
Are you interested in being connected or receiving tailored communications for your business? There are a range of ways the ACSC is supporting you and your business.
COVID-19 cyber scams mount against Australians
Cybercriminals continue to target Australians through a range of COVID-19 themed scams, fraud attempts and deceptive email schemes, the Australian Cyber Security Centre (ACSC) has warned in a new threat update.
Introduction to Cross Domain Solutions
This document introduces technical and non-technical audiences to the concept of a Cross Domain Solution (CDS), a type of security capability that is used to connect discrete systems within separate security domains in an assured manner.
Exploitation of critical Cisco ASA vulnerability
The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof of concept code is now available which results in a denial of service condition on targeted vulnerable devices.
Chief Information Security Officer
This section of the ISM provides guidance on Chief Information Security Officers.
UK-US-Canada Joint Advisory on Russia
Today, Australia declares its support for the release of the Joint Cyber Security Advisory by the US, UK and Canada, which details malicious cyber activity by Russian actors targeting organisations involved in COVID-19 vaccine development.
2019-126: Recommendations for mitigation of vulnerable version of Telerik UI
The tools to exploit this vulnerability have been publicly published and require only basic knowledge or skills to use successfully. Any servers currently running a vulnerable version should be considered at risk and remediation steps should be taken.
Australian Cyber Security Hotline
1300 CYBER1(1300 292 371)