Search

Remote code execution vulnerability in Windows DNS (CVE-2020-1350)   Alert

Jul 15, 2020 - On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.

ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350)   Advisory

Jul 15, 2020 - An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.

ISM OSCAL releases  

Mar 2, 2023 - List of current and previous ISM releases in the OSCAL format.

Translated information  

Apr 4, 2024 - We have developed easy-to-follow cyber security information and resources to support people from non-English speaking backgrounds to be more cyber secure.

Business email compromise   Threat

Feb 11, 2023 - Learn about email phishing and what to do if you are scammed out of money, goods or information.

Exercise Cyber Arrow    News

Nov 14, 2025 - ASD’s delivers national cyber security exercise for the Energy, Communications, and Financial Services and Markets sectors

For business and government  

Resources for business and government on cyber security.

Educational pack for small businesses   Guidance

Jun 15, 2023 - This educational pack provides engaging content to help small business owners learn how to stay cyber secure. Includes practical activities for staff.

Building cyber capability and resilience across the Asia Pacific region   News

Nov 6, 2025 - Working together to engage with international partners to drive cyber security uplift and cyber threat awareness.

Cyber Security Awareness Month 2024   News

Oct 1, 2024 - October is Cyber Security Awareness Month, a time for all Australians to talk about cyber security and take action to protect their devices and accounts.

Cyber sanction imposed on Russian cybercriminal for 2022 Medibank Private compromise   News

Jan 23, 2024 - Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.

Suspected user credentials stolen from FortiNet devices leaked online   Alert

Sep 10, 2021 - A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.

Potential SolarWinds Orion compromise   Alert

Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.

Exploitation of vulnerabilities affecting Cisco firewall platforms   Alert

Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.

U.S., U.K., and Australia Issue Joint Cybersecurity Advisory   News

Jul 28, 2021 - Cyber Agencies Share Top Routinely Exploited Vulnerabilities

Bahasa Indonesia (Indonesian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Indonesian.

Faa Samoa (Samoan)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Faa Samoa.