You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 211 - 240 of 558 results.
Joint advisory on top cyber vulnerabilities News
Jul 28, 2021 - The top 30 cyber security vulnerabilities exploited by malicious cyber actors since 2020 have been detailed in a joint advisory issued by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and counterpart cyber security agencies from the United States and the United Kingdom.
Critical Vulnerability in FortiOS Alert
Feb 9, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of a critical (9.6) vulnerability (CVE-2024-21762) in Fortinet FortiOS devices.
2021-007: Log4j vulnerability – advice and mitigations Advisory
Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.
Remote Code Execution Vulnerability In Confluence Data Center and Confluence Server Alert
Jan 17, 2024 - ASD’s ACSC is aware of a vulnerability in Confluence Data Center and Confluence Server (CVE-2023-22527). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
Report and recover from business email compromise Guidance
Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Gateway hardening Guidance
Jul 29, 2022 - This page lists publications on the hardening of gateway services.
Australian Signals Directorate’s Cyber Security Partnership Program Program page
The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
Vulnerability in Progress Kemp products Alert
Feb 22, 2024 - ASD’s ACSC is aware of a vulnerability (CVE-2024-1212) that affects all Progress Kemp LoadMaster releases after 7.2.48.1. Organisations are strongly encouraged to take immediate action to patch relevant systems.
Multiple vulnerabilities in Jenkins products Alert
Jan 30, 2024 - ASD’s ACSC is aware of multiple vulnerabilities impacting Jenkins products including CVE 2024-23897 (Critical) & CVE-2024-23898 (High). Organisations using Jenkins products are strongly advised to follow the mitigation advice provided by Jenkins and patch affected versions.
Critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance) Alert
Sep 20, 2024 - Ivanti has released a security advisory addressing a critical vulnerability affecting Ivanti CSA 4.6 (Cloud Services Appliance). The vulnerability affects Ivanti CSA 4.6 before Patch 519.
Ivanti Sentry Authentication Bypass Vulnerability Alert
Aug 22, 2023 - An authentication bypass vulnerability (CVE-2023-38035) has been identified that allows unauthorised access to sensitive APIs which can be used to set configuration parameters on the administrator portal (MICS).
Educational pack for small businesses Guidance
Jun 15, 2023 - This educational pack provides engaging content to help small business owners learn how to stay cyber secure. Includes practical activities for staff.
Partner hub Hub item
The Australian Signals Directorate’s Australian Cyber Security (ASD’s ACSC) Partnership Program enables Australian organisations and individuals to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
Report a vulnerability Service
Report vulnerabilities that are not publicly known, through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) coordinated vulnerability disclosure service.
Critical vulnerabilities in ‘ownCloud’ file share Alert
Nov 29, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of multiple critical vulnerabilities affecting the file sync and sharing software ‘ownCloud’. This primarily impacts self-hosted instances of the open-source product. Those impacted should apply the patches available and consider the workarounds made available by the vendor.
Microsoft Office Outlook Remote Code Execution Vulnerability Alert
Feb 18, 2024 - ASD’s ACSC is aware of a vulnerability in Microsoft Office Outlook (CVE-2024-21413). Users of Microsoft Office Outlook are strongly advised to follow the mitigation advice provided by Microsoft if they are vulnerable.
Critical security vulnerabilities affecting Mitel MiCollab version 9.8 SP1 FP2 (9.8.1.201) and earlier Alert
Dec 9, 2024 - ASD’s ACSC is aware of multiple critical vulnerabilities impacting Mitel MiCollab collaboration applications.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
Protecting against business email compromise Publication
Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.
Vulnerability Affecting BlackBerry QNX RTOS Alert
Aug 18, 2021 - BlackBerry has disclosed that its QNX Real Time Operating System is affected by a BadAlloc vulnerability - CVE-2021-22156. QNX is the world’s most prevalent real time operating system.
Vulnerability Affecting BlackBerry QNX RTOS Advisory
Aug 17, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting the BlackBerry QNX, the world’s most prevalent real time operating system.
ForgeRock Open AM critical vulnerability Alert
Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.
Small Business Cloud Security Guides: Introduction Publication
Dec 16, 2022 - Securing your business can be a complex task. Among the numerous security priorities and configuration options, it can be difficult to know where to begin. These guides adapt ASD's ACSC’s Essential Eight mitigation strategies and outline an example of how each can be implemented to secure Microsoft 365 capabilities. The technical examples are designed to offer significant protection against cybersecurity incidents while remaining accessible to organisations with limited resources and cybersecurity expertise.
ASD's ACSC and partners alert organisations to top 2021 malware strains News
Aug 5, 2022 - The top types of malicious software – or malware – seen by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners through 2021 have been detailed, along with advice on how to counter them.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Become an ASD partner Hub item
Register your interest in the Australian Signals Directorate’s Cyber Security Partnership Program and provide information about yourself and your organisation.
Multiple vulnerabilities present in F5 products Alert
May 9, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action.
Important Vulnerabilities in Microsoft’s October 2023 Security Update Alert
Oct 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s October 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.
Remote Code Execution Vulnerability In Cisco Unified Communications Products Alert
Jan 26, 2024 - ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253). Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.
High Severity vulnerability present in OpenSSL version 3.x Alert
Nov 2, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.
