You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 41 - 60 of 407 results.
2022 Top Routinely Exploited Vulnerabilities Advisory
Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
ASD's ACSC social media community
Connect with us on Facebook, Twitter and YouTube, and find out how to subscribe to our RSS feeds.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Cyber security priorities for boards of directors 2025-26 Publication
Oct 30, 2025 - This advice outlines questions boards can ask of management and their organisation to understand its cyber security posture in the current cyber threat environment.
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM) Alert
May 14, 2025 - The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware of two vulnerabilities, one medium and one high severity, in Ivanti Endpoint Manager Mobile (EPMM). The ASD’s ACSC recommends organisations patch to the latest version of Ivanti EPMM, available through Ivanti’s download portal, and investigate whether their systems have been compromised.
Multiple vulnerabilities affecting Cisco ASA 5500-X Series devices Alert
Sep 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of multiple vulnerabilities impacting Cisco Secure Firewall Adaptive Security Appliance (ASA) 5500-X Series models that are running Cisco ASA Software or Cisco Secure Firewall Threat Defense (FTD) Software. Cisco reports active exploitation of these vulnerabilities globally. ASD’s ACSC has also observed targeting in Australia.
Australian Signals Directorate’s Cyber Security Partnership Program Program
The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457) Alert
Apr 4, 2025 - Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457). ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.
Exploitation of existing Fortinet Vulnerabilities Alert
Apr 11, 2025 - Fortinet has released information regarding exploitation of previously known vulnerabilities affecting Fortinet devices. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s advisory page.
ASD's ACSC and international partners encourage action to mitigate risks for Log4j vulnerability News
Dec 23, 2021 - ASD's ACSC and cyber security agency partners have issued a joint statement and advisory on the Log4j vulnerability providing technical details, mitigations and resources to help address the critical software flaw.
Next.js authentication bypass vulnerability (CVE-2025-29927) Alert
Mar 25, 2025 - An authentication bypass in the middleware layer of Next.js can allow a remote attacker to bypass security checks. Customers should update to the patched version immediately.
Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes Alert
Mar 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes. Customers should update to the latest patched version immediately.
Critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance) Alert
Sep 20, 2024 - Ivanti has released a security advisory addressing a critical vulnerability affecting Ivanti CSA 4.6 (Cloud Services Appliance). The vulnerability affects Ivanti CSA 4.6 before Patch 519.
Potential SolarWinds Orion compromise Alert
Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.
2022-02: Australian organisations should urgently adopt an enhanced cyber security posture Advisory
Apr 28, 2022 - Entities should follow ACSC advice and act on improving their resilience within a heightened threat environment.
Critical security vulnerability affecting Apache Struts2 below 6.4.0. Alert
Dec 13, 2024 - ASD’s ACSC is aware of a critical vulnerability impacting Apache Struts2 below 6.4.0 (CVE-2024-53677).
Critical Vulnerability in FortiOS Alert
Feb 9, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of a critical (9.6) vulnerability (CVE-2024-21762) in Fortinet FortiOS devices.
FortiOS & FortiProxy - Authentication bypass in Node.js websocket module vulnerability Alert
Jan 15, 2025 - Fortinet has released information regarding an identified vulnerability in FortiOS version 7.0 and FortiProxy versions 7.0 and 7.2 instances. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s notification.
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure Advisory
May 17, 2022 - The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia’s invasion of Ukraine has altered the geopolitical balance in ways that could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners.
Critical vulnerability in ConnectWise’s ScreenConnect Alert
Feb 25, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre ( ASD’s ACSC) is aware of a critical vulnerability affecting ConnectWise’s ScreenConnect. Customers should update to the patched version immediately.
