Search

Recommendations to mitigate DDoS threats being made against Australian organisations   Advisory

Feb 25, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows   Alert

Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

High Severity vulnerability present in OpenSSL version 3.x   Alert

Nov 2, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Important Vulnerabilities in Microsoft’s May 2023 Security Update   Alert

May 11, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is concerned about vulnerabilities disclosed in Microsoft’s May 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations.

Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices   Alert

Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.

Remote code execution vulnerability present in SonicWall SMA 100 series appliances   Alert

Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

Introduction of legislative change for Limited Use obligation    News

Oct 31, 2024 - On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).

Malicious email mitigation strategies   Publication

Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

Convoluted layers: An artificial intelligence primer   Publication

May 21, 2025 - Rapid advances in artificial intelligence (AI), along with public releases of AI products, have prompted governments, businesses and criminals to accelerate efforts to incorporate this new technology into their operations. This advice provides definitions for some of the most commonly encountered AI terms in cybersecurity and a brief typology of cyber threats that will arise from AI.

Important Vulnerabilities in Microsoft’s August 2023 Security Update   Alert

Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Important Vulnerabilities in Microsoft’s July 2023 Security Update   Alert

Jul 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s July 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Important Vulnerabilities in Microsoft’s June 2023 Security Update   Alert

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s June 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

ASD's ACSC Threat Report 2015   Reports and statistics

Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, their motives, and the type of malicious activities they are conducting and their impact on Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.

Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices   Alert

Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

Meltdown and Spectre patches unsuitable for some security products   Advisory

Jan 11, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of reporting that a variety of security products (e.g. antivirus solutions) are incompatible with Microsoft's patches for the Meltdown and Spectre vulnerabilities.

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows   Alert

Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

Manic Menagerie Investigation Report   Reports and statistics

Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in May 2018.

Widespread exposure of vulnerability in cPanel   Alert

May 9, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting cPanel and cPanel managed websites. All Australian organisations should apply the available patches, and ensure staff are informed of the risks against their systems when clicking suspicious links.

Disclaimer  

Jan 8, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) publishes this website to distribute information to the public and government ICT security professionals. We regularly review and update the information provided.

Important Vulnerabilities in Microsoft’s October 2023 Security Update   Alert

Oct 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s October 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

SDBBot targeting health sector   Alert

Nov 12, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).

MSP Investigation Report   Reports and statistics

Dec 21, 2018 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider.

Sextortion email campaign impacting Australians   Alert

Apr 16, 2020 - A large number of Australians are being impacted by an email ‘sextortion’ campaign in which the cyber scammers responsible have threatened to release personal and sensitive information to the recipients’ contacts unless the scammer is paid in cash or bitcoin.

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services   Advisory

May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Multiple key vulnerabilities identified in Microsoft products   Alert

Oct 13, 2021 - Multiple key vulnerabilities were identified in Microsoft’s 12 October 2021 patch release. While all vulnerabilities addressed in this release are important to mitigate the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) wishes to highlight several vulnerabilities for priority consideration.

Suspected user credentials stolen from FortiNet devices leaked online   Alert

Sep 10, 2021 - A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.