Search

Update your small business cyber security   News

Jun 12, 2024 - Resources to help protect small businesses from cyber threats.

Critical Vulnerability in FortiOS   Alert

Feb 9, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of a critical (9.6) vulnerability (CVE-2024-21762) in Fortinet FortiOS devices.

ABC Radio interview with Head of ACSC   News

Mar 31, 2021 - Abigail Bradshaw CSC, Head of Australian Cyber Security Centre, interview with Fran Kelly on ABC Radio National, 31 March 2021.

VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972)   Alert

Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.

Phone scams impersonating Australian businesses and government agencies   Alert

Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.

Practical cyber security tips for business leaders   News

Jan 17, 2024 - Business leaders are at higher risk of a cyber incident due to the information they have access to, the people they interact with and the influence they have.

Accessibility  

Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Privacy Awareness Week 2023   News

Apr 28, 2023 - The Australian Cyber Security Centre (ACSC) is supporting with the Office of the Australian Information Commissioner (OAIC) to support Privacy Awareness Week.

ASD's ACSC Annual Cyber Threat Report, July 2019 to June 2020   Reports and statistics

Sep 3, 2020 - This report has been jointly produced by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the ACIC and the AFP, and is the first unclassified annual threat report since the ASD's ACSC became part of the ASD in July 2018. The report identifies and describes key cyber security threats targeting Australian systems and networks, and provides a range of examples and real-world case studies of malicious activity targeting Australian networks, between July 2019 and June 2020. It provides mitigation advice that all Australians and organisations can take to defend against these threats.

Why it’s time to ditch your one password for passphrases   News

Apr 28, 2023 - Your accounts are only as strong as the tools keeping them secure. One of the most effective ways of protecting your personal information and accounts is to use a strong passphrase.

COVID-19 malicious cyber activity   Alert

May 22, 2020 - Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

BADBAZAAR and MOONSHINE: Technical analysis and mitigations   Advisory

Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.

Securing Customer Personal Data for Small to Medium Businesses   News

Nov 17, 2023 - As data breaches increasingly impact Australian businesses and their customers, it’s crucial for businesses to improve their data security practices and ensure their customers’ personal data is handled appropriately.

Recommendations to mitigate DDoS threats being made against Australian organisations   Advisory

Feb 25, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.

New domain name changes could leave your business or organisation at risk   Alert

Mar 23, 2022 - The new domain name category, could leave your business or organisation open to fraudulent cyber activity. Register your .au domain name before it becomes available to the general public.

Australian Signals Directorate releases 2023 ASD Cyber Threat Report   News

Nov 15, 2023 - The Australian Signals Directorate has released its fourth ASD Cyber Threat Report.

Information Security Registered Assessor Program (IRAP)   News

Dec 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is further enhancing cyber security assessment and training, improving cyber skills, and creating new cyber careers for Australians through the Information Security Registered Assessor Program (IRAP).

IRAP training partnership   News

Feb 23, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is partnering with organisations in South Australia and the ACT to deliver cyber security assessment training services for Australian business and organisations.

Small Business Cloud Security Guides   News

Dec 16, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has released a series of guides designed to help small businesses secure their cloud environment.