You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 241 - 270 of 369 results.
Netlogon elevation of privilege vulnerability (CVE-2020-1472) Alert
Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.
Active exploitation of vulnerable MobileIron products Alert
Sep 18, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of vulnerabilities in multiple MobileIron products by malicious cyber actors, including sophisticated state-based actors.
Conti ransomware incidents in Australia Alert
Dec 10, 2021 - Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.
TMUI remote code execution vulnerability - CVE-2020-5902 Alert
Jul 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability.
Critical vulnerability identified in Apple iOS and macOS Alert
Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.
Increased Global Ransomware Threats Alert
Feb 10, 2022 - In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.
Potential exploitation of Click Studio’s PasswordState software Alert
Apr 27, 2021 - On 24 April 2021, Australian software company Click Studios announced a compromise of the software update process for their enterprise password management software PasswordState, used by organisations in Australia and globally.
Remote code execution vulnerability present in Fortinet devices Alert
Oct 13, 2022 - A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.
Malicious actors deploying Gootkit Loader on Australian Networks Alert
Aug 27, 2021 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks.
LockBit 2.0 ransomware incidents in Australia Alert
Aug 5, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia.
VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972) Alert
Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.
Microsoft Releases Security Updates for Microsoft Edge Browser Alert
Jun 30, 2021 - On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.
Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component Alert
Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.
Critical vulnerability present in certain versions of Microsoft Excel Alert
Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.
Google Releases Security Updates for Chrome Browser Alert
Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Critical vulnerability present in SAP Internet Communication Manager Alert
Feb 11, 2022 - A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.
Critical vulnerability present in certain versions of Apple iOS and iPadOS Alert
Oct 13, 2021 - A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.
Phone and email scammers impersonating the ASD's ACSC Alert
Jan 19, 2022 - The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.
Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows Alert
Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.
Remote code execution vulnerability present in the MSHTML component of Microsoft Windows Alert
Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.
Phone scams impersonating Australian businesses and government agencies Alert
Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.
Exploitation of Microsoft Office vulnerability: Follina Alert
Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.
Remote code execution vulnerability present in Atlassian Confluence Server and Data Center Alert
Jun 5, 2022 - A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends organisations restrict internet access to and from affected devices.
Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert
Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Remote code execution vulnerability present in Sophos Firewall Alert
Mar 30, 2022 - A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Malware targeting Centreon software Alert
Feb 16, 2021 - ANSSI identifies campaign targeting Centreon system monitoring software.
Increasing reports of myGov-related SMS and email scams targeting Australians Alert
Jul 16, 2020 - Be on the lookout for myGov-related SMS and email scams asking you to verify your myGov details.
Kaseya VSA Supply-Chain Ransomware Attack Alert
Jul 12, 2021 - Patch now available for Kaseya VSA platform.
ForgeRock Open AM critical vulnerability Alert
Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.
Critical vulnerability in certain versions of Apache HTTP Server Alert
Oct 8, 2021 - A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.
