You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 21 - 40 of 407 results.
JCSC virtual presentations on Log4j2 vulnerability – Friday 17 December News
Dec 16, 2021 - A critical alert and advisory has been published on the Log4j2 vulnerability. On Friday 17 December 2021, ASD's ACSC’s Joint Cyber Security Centres (JCSCs) will facilitate a series of virtual awareness and advice sessions about this vulnerability. Australians are urged to act now to secure their computer systems against this critical software vulnerability.
2021-007: Log4j vulnerability – advice and mitigations Advisory
Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.
Advice for Malicious Cyber Activity by Iran News
Sep 15, 2022 - Australian organisations are urged to be alert to continued malicious cyber activity conducted by Advanced Persistent Threat (APT) actors, assessed to be affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
Advisory 2021-004: Active exploitation of ForgeRock Access Manager / OpenAM servers Advisory
Jul 9, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified targeting and compromise of Australian organisations with vulnerable internet-accessible servers running ForgeRock Access Manager (ForgeRock AM). ForgeRock AM was previously known as OpenAM. The ASD's ACSC has observed malicious actors exploiting the vulnerability in ForgeRock AM/OpenAM to gain initial access to networks in multiple organisations, and facilitate further access within these networks. On 7 July 2021 the ASD's ACSC alerted organisations that this vulnerability was being actively exploited. This ASD's ACSC advisory provides recommendations for securing ForgeRock AM against vulnerability CVE-2021-35464, and advice on identifying potential successful exploitation of this vulnerability.
The Commonwealth Cyber Security Posture in 2025 Reports and statistics
Feb 12, 2026 - The Commonwealth Cyber Security Posture in 2025 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2024–25 financial year.
Vulnerability in MongoDB product – MongoDB server leak Alert
Dec 29, 2025 - ASD’s ACSC is aware of active global exploitation affecting MongoDB servers CVE-2025-14847. ASD’s ACSC recommends that organisations take immediate action to mitigate affected products, apply the latest patches and investigate for potential compromise.
Critical vulnerability in WatchGuard Firebox devices (CVE-2025-14733) Alert
Dec 22, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of a critical vulnerability in WatchGuard Firebox devices.
Critical vulnerability in React Server Components (CVE-2025-55182) Alert
Dec 4, 2025 - ASD's ACSC is aware of a critical vulnerability in React Server Components.
Critical vulnerabilities in multiple Fortinet products - FortiCloud SSO Login Authentication Bypass Alert
Dec 10, 2025 - Critical vulnerabilities in Multiple Fortinet Products - FortiCloud SSO Login Authentication Bypass CVE-2025-59718 & CVE-2025-59719. ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Fortinet Advisory.
Critical vulnerability in Oracle E-Business Suite Alert
Oct 7, 2025 - ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Oracle Security Advisory.
2021 Top Routinely Exploited Vulnerabilities Advisory
Apr 28, 2022 - This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
Critical vulnerability in Microsoft Windows Server Update Service (WSUS) Alert
Oct 25, 2025 - Critical vulnerability impacting Microsoft Windows Server Update Service – CVE-2025-59287. ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Microsoft Security Update guide.
Implementing SIEM and SOAR platforms: Executive guidance Publication
May 27, 2025 - This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR.
2021 Top Malware Strains Advisory
Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).
Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure Advisory
Dec 10, 2025 - This joint Cybersecurity Advisory outlines the tactics, techniques and procedures used by pro-Russia hacktivist groups conducting unsophisticated attacks against US and global critical infrastructure, as well as recommended mitigations.
Implementing SIEM and SOAR platforms: Practitioner guidance Publication
May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.
Supply chain compromise of 3CX DesktopApp Alert
Mar 31, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a reported supply chain compromise affecting the 3CX DesktopApp, allowing malicious actors to conduct multi-stage attacks against users of the legitimate software. Australian users of affected versions of 3CX DesktopApp should immediately follow the vendor’s advice and investigate for signs of malicious activity.
Ongoing active exploitation of SonicWall SSL VPNs in Australia (CVE-2024-40766) Alert
Sep 10, 2025 - The Australian Signals Directorate’s (ASD’s) Australian Cyber Security Centre (ACSC) is aware of ongoing active exploitation of a critical vulnerability in SonicWall SSL VPNs.
ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022 Reports and statistics
Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
Sustained targeting of the health sector Alert
Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.
