Skip to main content
Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Report

Contact us

Portal login

  • About us

    About us

    Learn about who we are and what we do.

    About us
    • About ASD's ACSC
      • Who we are
      • Alerts and advisories
      • News
      • Reports and statistics
      • Contact us
  • Learn the basics

    Learn the basics

    Interactive tools and advice to boost your online safety.

    Learn cyber security Sign up for alerts
    • Explore the basics
      • Recognise and report scams
      • Set secure passphrases
      • Set up and perform regular backups
      • Turn on multi-factor authentication
      • Update your devices
      • Watch out for threats
      • Small business
      • Seniors
    • View resources
      • Glossary
      • Quiz library
      • Resources library
      • Translated Information
  • Protect yourself

    Protect yourself

    Advice and information about how to protect yourself online.

    Protect yourself Easy steps to secure yourself online Cyber health check tool Sign up for alerts
    • Securing your accounts
      • Multi-factor authentication
      • Passphrases
      • Passkeys
    • Securing your devices
      • How to secure your devices
      • How to back up your files and devices
      • How to update your device and software
    • Securing your email
      • Email security
    • Staying secure online
      • Connecting with others online
      • Protect yourself from scams
      • Online shopping
      • Connecting to public Wi-Fi and hotspots
      • Secure your Wi-Fi and router
      • Cyber security for charities and not-for-profits
    • Resources to protect yourself
      • Protecting your family
      • Personal cyber security guides
  • Threats

    Threats

    Common online security risks and advice on what you can do to protect yourself.

    Threats Report a cybercrime Sign up for alerts
    • Types of threats
      • Account compromise
      • Business email compromise
      • Cryptomining
      • Data breaches
      • Hacking
      • Identity theft
      • Information stealer
    • <notitle>
      • Malicious insiders
      • Malware
      • Phishing
      • Quishing
      • Ransomware
      • Scams
      • Social engineering
  • Report and recover

    Report and recover

    Respond to cyber threats and take steps to protect yourself from further harm.

    Report and recover Make a report Sign up for alerts
    • Report
      • Report a cybercrime, incident or vulnerability
      • Cybercrime - getting help
      • Single Reporting Portal
    • How we help during a cyber security incident
      • ASD’s role in cyber security: For legal practitioners
      • Supporting Australian organisations through a cyber security incident
      • Limited Use
    • Recover from
      • Account compromise
      • Business email compromise
      • Data breaches
      • Hacking
      • Identity theft
      • Malware
      • Ransomware
      • Scams
  • For business and government

    For business and government

    Resources for business and government agencies on cyber security.

    For business and government Become an ASD partner Cyber Security Awareness Month 2025 Critical infrastructure All publications Alerts and advisories Exercise in a Box
    • ASD's cyber security frameworks
      • Information security manual
      • Blueprint for Secure Cloud
      • Essential Eight
      • Gateway security guidance package
      • Mitigating cyber security incidents
      • Modern defensible architecture
      • Principles of operational technology cyber security
    • Secure design
      • Artificial intelligence
      • Operational technology environments
      • Planning for post-quantum cryptography
      • Secure by Design
    • Protecting devices and systems
      • Assessment and evaluation programs
      • Cloud computing
      • Hardening systems and applications
      • Legacy IT management
      • Remote working and secure mobility
      • Securing edge devices
      • System administration
    • Detecting and responding to threats
      • Cyber security incident response
      • Detecting and mitigating Active Directory compromises
      • Event logging
      • Vulnerability planning
    • Small business cyber security
      • Small business hub
      • Protecting your staff
      • Securing customer personal data
    • Supplier cyber risk management
      • Managed service providers
      • Managing cyber supply chains
    • Protecting business leaders
      • Cyber security for business leaders
      • Questions for the board of directors to ask about cyber security
      • Security tips for social media and messaging apps
  • Contact us
  • Report a cybercrime or cyber security incident
  • Portal login
Australian Cyber
Security Hotline
1300 CYBER1 (1300 292 371)

Search

Filter results by

Content type

  • Advice and guidance
  • Alerts and advisories
  • News and media releases
  • Programs
  • Publications
  • Reports and statistics
  • Threats

Audience

  • Individuals & families
  • Small & medium businesses
  • Organisations & Critical Infrastructure
  • Government

Recommended pages

Recognise and report scams
Information security manual
Mitigating cyber security incidents

Search results

Displaying search results for
Displaying 271 - 300 of 667 results.

Applied filters
Clear all filters

/about-us/advisories/recommendations-mitigate-ddos-threats-being-made-against-australian-organisations

Recommendations to mitigate DDoS threats being made against Australian organisations   Advisory

Feb 25, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.

Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-windows-scripting-engine-microsoft-windows

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows   Alert

Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/high-severity-vulnerability-present-openssl-version-3x

High Severity vulnerability present in OpenSSL version 3.x   Alert

Nov 2, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/exploitation-microsoft-office-vulnerability-follina

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/exploitation-unitronics-programmable-logic-controllers-plcs

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/important-vulnerabilities-in-microsofts-may-2023-security-update

Important Vulnerabilities in Microsoft’s May 2023 Security Update   Alert

May 11, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is concerned about vulnerabilities disclosed in Microsoft’s May 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/critical-vulnerabilities-citrix-gateway-and-application-delivery-controller-adc-devices

Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices   Alert

Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-sonicwall-sma-100-series-appliances

Remote code execution vulnerability present in SonicWall SMA 100 series appliances   Alert

Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/news-and-media/introduction-legislative-change-limited-use-obligation

Introduction of legislative change for Limited Use obligation    News

Oct 31, 2024 - On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).

Organisations & Critical Infrastructure
Government
/business-government/protecting-devices-systems/hardening-systems-applications/email-hardening/malicious-email-mitigation-strategies

Malicious email mitigation strategies   Publication

Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/business-government/secure-design/artificial-intelligence/convoluted-layers-artificial-intelligence-primer

Convoluted layers: An artificial intelligence primer   Publication

May 21, 2025 - Rapid advances in artificial intelligence (AI), along with public releases of AI products, have prompted governments, businesses and criminals to accelerate efforts to incorporate this new technology into their operations. This advice provides definitions for some of the most commonly encountered AI terms in cybersecurity and a brief typology of cyber threats that will arise from AI.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/important-vulnerabilities-microsofts-august-2023-security-update

Important Vulnerabilities in Microsoft’s August 2023 Security Update   Alert

Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/important-vulnerabilities-microsofts-july-2023-security-update

Important Vulnerabilities in Microsoft’s July 2023 Security Update   Alert

Jul 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s July 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/important-vulnerabilities-microsofts-june-2023-security-update

Important Vulnerabilities in Microsoft’s June 2023 Security Update   Alert

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s June 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/reports-and-statistics/asdacsc-threat-report-2015

ASD's ACSC Threat Report 2015   Reports and statistics

Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, their motives, and the type of malicious activities they are conducting and their impact on Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/critical-severity-vulnerability-fortinet-fortigate-ssl-vpn-devices

Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices   Alert

Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/advisory-2020-017-resumption-emotet-malware-campaign

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/meltdown-and-spectre-patches-unsuitable-some-security-products

Meltdown and Spectre patches unsuitable for some security products   Advisory

Jan 11, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of reporting that a variety of security products (e.g. antivirus solutions) are incompatible with Microsoft's patches for the Meltdown and Spectre vulnerabilities.

Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-vm2-sandbox

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows   Alert

Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/2020-003-mailto-ransomware-incidents

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/reports-and-statistics/manic-menagerie-investigation-report

Manic Menagerie Investigation Report   Reports and statistics

Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in May 2018.

Organisations & Critical Infrastructure
Government
/about-us/alerts/widespread-exposure-vulnerability-cPanel

Widespread exposure of vulnerability in cPanel   Alert

May 9, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting cPanel and cPanel managed websites. All Australian organisations should apply the available patches, and ensure staff are informed of the risks against their systems when clicking suspicious links.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/disclaimer

Disclaimer  

Jan 8, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) publishes this website to distribute information to the public and government ICT security professionals. We regularly review and update the information provided.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/important-vulnerabilities-microsoft-october-2023-security-update

Important Vulnerabilities in Microsoft’s October 2023 Security Update   Alert

Oct 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s October 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/sdbbot-targeting-health-sector

SDBBot targeting health sector   Alert

Nov 12, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/reports-and-statistics/msp-investigation-report

MSP Investigation Report   Reports and statistics

Dec 21, 2018 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/sextortion-email-campaign-impacting-australians

Sextortion email campaign impacting Australians   Alert

Apr 16, 2020 - A large number of Australians are being impacted by an email ‘sextortion’ campaign in which the cyber scammers responsible have threatened to release personal and sensitive information to the recipients’ contacts unless the scammer is paid in cash or bitcoin.

Individuals & families
/about-us/advisories/2020-006-detecting-and-mitigating-exploitation-vulnerability-microsoft-internet-information-services

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services   Advisory

May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/multiple-key-vulnerabilities-identified-microsoft-products

Multiple key vulnerabilities identified in Microsoft products   Alert

Oct 13, 2021 - Multiple key vulnerabilities were identified in Microsoft’s 12 October 2021 patch release. While all vulnerabilities addressed in this release are important to mitigate the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) wishes to highlight several vulnerabilities for priority consideration.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/suspected-user-credentials-stolen-fortinet-devices-leaked-online

Suspected user credentials stolen from FortiNet devices leaked online   Alert

Sep 10, 2021 - A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.

Organisations & Critical Infrastructure
Government

Pagination

  • First page « First
  • Previous page ‹‹
  • …
  • Page 6
  • Page 7
  • Page 8
  • Page 9
  • Current page 10
  • Page 11
  • Page 12
  • Page 13
  • Page 14
  • …
  • Next page ››
  • Last page Last »
Report a cyber security incident for critical infrastructure
Get alerts on new threats Alert Service
Become an ASD Partner
Report a cybercrime or cyber security incident
Acknowledgement of Country Circle
Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities.
We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371)
  • Contact us
  • Glossary
  • View all content
  • Copyright
  • Privacy
  • Accessibility
  • Disclaimer
  • Careers
  • Social media terms of use

Popular pages

  • Essential Eight
  • Alerts and advisories
  • Information Security Manual
Authorised by the Australian Government, Canberra