Search

Threats  

Common online security risks and advice on what you can do to protect yourself.

People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations   Advisory

Sep 19, 2024 - Cyber actors may have used botnet to compromise thousands of Internet-connected devices.

Critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products   Alert

Jul 4, 2025 - The ASD's ACSC is aware of critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products (CVE-2025-5349, CVE-2025-5777).

Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457)   Alert

Apr 4, 2025 - Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457). ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.

Active exploitation of vulnerable Sitecore Experience Platform content management systems   Alert

Nov 5, 2021 - There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisation should apply the available security update.

Suspected user credentials stolen from FortiNet devices leaked online   Alert

Sep 10, 2021 - A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.

Cloud computing security for cloud service providers   Publication

Jan 18, 2024 - This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.

Cyber threat actors compromising networks of major global telecommunications providers    News

Dec 4, 2024 - New guidance is available for network defenders of communications infrastructure to strengthen visibility and harden devices against PRC-affiliated and other malicious cyber actors.

Critical remote code execution vulnerability found in the Log4j library   Alert

Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.

Network hardening  

Apr 11, 2023 - This page lists publications on the hardening of network infrastructure.

Cloud shared responsibility model: Guidance for individuals and small and medium businesses    Publication

Oct 20, 2025 - This publication is for individuals and small and medium businesses that use or plan to use a cloud service. It explains what the shared responsibility model (SRM) is, and how responsibility for cloud security is shared between you and the cloud service provider (CSP).

Critical vulnerability discovered in HTTP.SYS in Microsoft Windows   Alert

May 13, 2021 - A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Vulnerability in MongoDB product – MongoDB server leak   Alert

Dec 29, 2025 - ASD’s ACSC is aware of active global exploitation affecting MongoDB servers CVE-2025-14847.
ASD’s ACSC recommends that organisations take immediate action to mitigate affected products, apply the latest patches and investigate for potential compromise.

Technical example: Application control   Publication

Dec 16, 2022 - Application control restricts the ability of an application to run or install on a device. Application control makes it harder for users to intentionally or unintentionally install unwanted or malicious software.

Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors   Alert

Sep 24, 2021 - A vulnerability exists in certain versions of ManageEngine ADSelfService Plus. A cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian organisations should apply the available security update.

Critical vulnerabilities in multiple Fortinet products - FortiCloud SSO Login Authentication Bypass   Alert

Dec 10, 2025 - Critical vulnerabilities in Multiple Fortinet Products - FortiCloud SSO Login Authentication Bypass CVE-2025-59718 & CVE-2025-59719. ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Fortinet Advisory.

日本語 (Japanese)   Guidance

Apr 19, 2024 - The information and resources available are intended to increase your safety online and have been translated into Japanese.

Exercise in a Box  

Nov 17, 2022 - This service provides an all-in-one platform that organisations can use to assess and improve their cybersecurity practices, in a controlled environment, and as many times as they want.

Critical vulnerability in Microsoft Windows Server Update Service (WSUS)   Alert

Oct 25, 2025 - Critical vulnerability impacting Microsoft Windows Server Update Service – CVE-2025-59287. ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Microsoft Security Update guide.

हिंदी (Hindi)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Hindi.