Search

ASD's ACSC social media community  

Connect with us on Facebook, Twitter and YouTube, and find out how to subscribe to our RSS feeds.

Account compromise   Threat

Nov 10, 2023 - Account compromise is when criminals get unauthorised access to your email, banking, or other accounts.

Vulnerability Affecting BlackBerry QNX RTOS   Alert

Aug 18, 2021 - BlackBerry has disclosed that its QNX Real Time Operating System is affected by a BadAlloc vulnerability - CVE-2021-22156. QNX is the world’s most prevalent real time operating system.

Potential SolarWinds Orion compromise   Alert

Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.

Cyber security incident response planning: Executive guidance   Publication

Dec 12, 2024 - The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyber threats targeting Australian interests. Reporting cyber security incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.

People’s Republic of China (PRC) State-Sponsored Cyber Actor Living Off the Land to Evade Detection   Alert

May 25, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC), in conjunction with the United States (US) National Security Agency (NSA) its international partners, has released a Cybersecurity Advisory regarding a PRC state-sponsored cyber actor conducting activity impacting US critical infrastructure (CI) sectors. Because of the potential risk to CI sectors outside the US, all organisations are encouraged to review the published Advisory and report any malicious activity to the ASD's ACSC.

Microsoft Exchange ProxyShell Targeting in Australia   Alert

Aug 19, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed targeting of the Microsoft Exchange ProxyShell vulnerability by Malicious actors.

Blueprint for Secure Cloud   Publication

Feb 21, 2024 - The Blueprint provides better practice guidance, configuration guides and templates covering risk management, architecture and standard operating procedures developed as per the controls in ASD’s Information security manual (ISM).

2020-011: Critical Vulnerability in SAP NetWeaver Application Server (CVE-2020-6287)   Advisory

Jul 14, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends users of these products urgently apply available security patches to prevent an adversary from exploiting this vulnerability.

Gateway security guidance package: Overview   Publication

Jul 29, 2025 - This page provides an overview of ASD’s Gateway security guidance package.

View all content  

Nov 3, 2022 -

ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350)   Advisory

Jul 15, 2020 - An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.

Cyber security is essential when preparing for COVID-19   Advisory

Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.

Important Vulnerabilities in Microsoft’s May 2023 Security Update   Alert

May 11, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is concerned about vulnerabilities disclosed in Microsoft’s May 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations.

The Commonwealth Cyber Security Posture in 2020   Reports and statistics

Jun 10, 2021 - The Commonwealth Cyber Security Posture Report in 2020 informs the Parliament of the status of the Commonwealth’s cybersecurity posture. Overall, the report found that Commonwealth entities continued to improve their cybersecurity in 2020. Ongoing effort is required to maintain the currency and effectiveness of cybersecurity measures.

IRAP consumer guide   Program

Dec 15, 2020 - An IRAP Assessor will assist you by helping you to understand and implement security controls and recommendations to protect your systems and data.

Page not found  

Jun 14, 2020 - Page not found for error 404

Limited Use    Guidance

Dec 3, 2024 - The limited use obligation for the Australian Signals Directorate (ASD) has been legislated to add additional protections to the information organisations voluntarily provide to ASD, and to the information acquired or prepared by ASD with the consent of an organisation.

Critical vulnerabilities in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS)   Alert

Feb 1, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ivanti Connect Secure (ICS), formerly known as Pulse Connect Secure, and Ivanti Policy Secure (IPS) gateways. The vulnerabilities affect all supported versions and configurations of the products. Customers should apply the mitigations made available by Ivanti and implement patches as they become available.

Modern defensible architecture for senior decision-makers   Publication

Oct 23, 2025 - ASD’s ACSC and the following international partners present this guidance to assist senior decision-makers to understand the contemporary threat landscape and how modern defensible architecture can support organisations to defend against current threats and prepare for future threats.