Search

Cyber Safety and Security in Sport   News

Jun 8, 2023 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is partnering with Sport Integrity Australia and the Office of the e-Safety Commissioner to deliver the Cyber Safety and Security in Sport course. The course is part of the ASD’s ACSC's commitment to work with industry and government to strengthen Australia’s cyber security posture.

Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway products   Alert

Jan 18, 2024 - ASD’s ACSC is aware of multiple vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in Citrix NetScaler products (NetScaler ADC and NetScaler Gateway). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.

Practical cyber security tips for business leaders   News

Jan 17, 2024 - Business leaders are at higher risk of a cyber incident due to the information they have access to, the people they interact with and the influence they have.

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

Ivanti Sentry Authentication Bypass Vulnerability   Alert

Aug 22, 2023 - An authentication bypass vulnerability (CVE-2023-38035) has been identified that allows unauthorised access to sensitive APIs which can be used to set configuration parameters on the administrator portal (MICS).

Ransomware targeting Australian aged care and healthcare sectors   Alert

Aug 2, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of increased targeting of healthcare, including hospitals and aged care, by ransomware campaigns undertaken by cyber criminals.

Widespread exposure of vulnerability in cPanel   Alert

May 9, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting cPanel and cPanel managed websites. All Australian organisations should apply the available patches, and ensure staff are informed of the risks against their systems when clicking suspicious links.

Australia is fighting back against ransomware   News

Jun 15, 2021 - Australians continue to be targeted by cybercriminals through ransomware campaigns impacting multiple sectors across our economy.

ACSC Threat Report 2017   Reports and statistics

Oct 15, 2017 - This is the third Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD’s ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.

New Secure-by-Design publication about memory safety released    News

Jun 27, 2024 - Today, we jointly released a new Secure-by-Design publication, Exploring Memory Safety in Critical Open Source Projects, co-authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Canadian Centre for Cyber Security (CCCS).

High Severity Vulnerability present in Microsoft Outlook for Windows   Alert

Mar 29, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a Microsoft Outlook for Windows vulnerability. All Australian organisations using all versions of Microsoft Outlook for Windows should apply the available patch immediately.

Essential Eight assessment course   Program

Jul 3, 2023 - The Essential Eight Assessment Course will help you understand the intent and application of the Essential Eight, learn to use ASD designed tools, and accurately test the implementation of the Essential Eight.

Manic Menagerie Investigation Report   Reports and statistics

Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) in May 2018.

ASD women recognised for their contribution to the security industry   News

Oct 19, 2022 - The Australian Signals Directorate (ASD) has been recognised for its contribution to supporting women in the security industry at an awards night in Sydney.

Netlogon elevation of privilege vulnerability (CVE-2020-1472)   Alert

Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.

Active exploitation of vulnerable MobileIron products   Alert

Sep 18, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of vulnerabilities in multiple MobileIron products by malicious cyber actors, including sophisticated state-based actors.

Australian Signals Directorate unveils new facility   News

Mar 23, 2022 - The Australian Signals Directorate (ASD) has unveiled a new world-class cyber and foreign intelligence facility, as the agency prepares to mark 75 years defending Australia from global threats.

Seeking industry feedback on new ASD Foundations for Secure-by-Design   News

Nov 2, 2023 - Have your say on how Secure-by-Design practices should look.

TMUI remote code execution vulnerability - CVE-2020-5902   Alert

Jul 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability.

Cisco IOS XE Software Web UI Zero Day Vulnerability   Alert

Oct 25, 2023 - A previously unknown vulnerability (CVE-2023-20198) in the web UI feature of Cisco IOS XE Software could allow a malicious actor to take control of vulnerable devices. All Australian organisations should follow the recommendations published by Cisco.