Search

Cyber sanction imposed on Russian cybercriminal for 2022 Medibank Private compromise   News

Jan 23, 2024 - Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.

Australians urged to act on cyber alert   News

Dec 15, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) issued an alert on a vulnerability in the Apache Log4j software library that exposed systems to potential cyberattack.

Delivering the goods in cyber security resilience to the transport and logistics sector   News

Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023

ASD's ACSC Annual Cyber Threat report 2020-21   News

Sep 16, 2021 - The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) Annual Cyber Threat Report 2020-21.

After you've made a purchase   Guidance

Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.

Set up and perform regular backups  

Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.

Australian Signals Directorate releases the Annual Cyber Threat Report 2024-25   News

Oct 14, 2025 - The Annual Cyber Threat Report 2024-25 provides an overview of the key cyber threats impacting Australia, how ASD's ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

CI Fortify   Publication

Oct 13, 2025 - Actionable guidance for CI operators to isolate and rebuild critical services and OT systems during crisis or service disruption.

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Microsoft's investment in Australia’s cyber security   News

Oct 24, 2023 - The Prime Minister has announced Microsoft’s $5 billion commitment to building Australia’s cyber defence.

If things go wrong   Guidance

If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.

Head of ACSC talks cyber security with Natarsha Belling in podcast special   News

Nov 29, 2021 - Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.

Australia joins US and UK to warn of 2021 Ransomware trends   News

Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.

Advisory 2021-004: Active exploitation of ForgeRock Access Manager / OpenAM servers   Advisory

Jul 9, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified targeting and compromise of Australian organisations with vulnerable internet-accessible servers running ForgeRock Access Manager (ForgeRock AM). ForgeRock AM was previously known as OpenAM. The ASD's ACSC has observed malicious actors exploiting the vulnerability in ForgeRock AM/OpenAM to gain initial access to networks in multiple organisations, and facilitate further access within these networks. On 7 July 2021 the ASD's ACSC alerted organisations that this vulnerability was being actively exploited. This ASD's ACSC advisory provides recommendations for securing ForgeRock AM against vulnerability CVE-2021-35464, and advice on identifying potential successful exploitation of this vulnerability.

Recovering a compromised email account   Guidance

Nov 10, 2023 - Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets.

Remote access to operational technology environments   Publication

Mar 28, 2023 - Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cybersecurity defences for operational technology environments (OTE) is not a decision that should be taken lightly.

Revised patch released to disable mitigation against Spectre variant 2   Advisory

Jan 29, 2020 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.

SonicWall Breach   Alert

Feb 4, 2021 - SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.

COVID-19 malicious cyber activity   Alert

May 22, 2020 - Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

Cyber security is essential when preparing for COVID-19   Advisory

Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.