You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 541 - 570 of 712 results.
Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices Alert
Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.
Malicious actors deploying Gootkit Loader on Australian Networks Alert
Aug 27, 2021 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks.
Critical vulnerability identified in Apple iOS and macOS Alert
Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.
Boost your cyber defences with backups News
Aug 17, 2021 - Backing up your data is one of the best defences against ransomware attacks conducted by the opportunistic cyber criminals who continue to threaten Australian businesses, organisations, and families.
LockBit 2.0 ransomware incidents in Australia Alert
Aug 5, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia.
Critical vulnerabilities in ‘ownCloud’ file share Alert
Nov 29, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of multiple critical vulnerabilities affecting the file sync and sharing software ‘ownCloud’. This primarily impacts self-hosted instances of the open-source product. Those impacted should apply the patches available and consider the workarounds made available by the vendor.
Sustained targeting of the health sector Alert
Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.
Microsoft Releases Security Updates for Microsoft Edge Browser Alert
Jun 30, 2021 - On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.
Google Releases Security Updates for Chrome Browser Alert
Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Multi-factor authentication Guidance
Aug 30, 2023 - Multi-factor authentication (MFA) is one of the most effective ways to protect your valuable information and accounts against unauthorised access.
Critical severity vulnerability in Fortinet FortiOS SSL-VPN Alert
Dec 13, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a heap-based buffer overflow vulnerability in FortiOS SSL-VPN. All Australian organisations should apply the available patch immediately.
Critical vulnerability discovered in HTTP.SYS in Microsoft Windows Alert
May 13, 2021 - A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.
Critical vulnerability present in certain versions of Microsoft Excel Alert
Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.
Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component Alert
Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.
Why it’s time to ditch your one password for passphrases News
Apr 28, 2023 - Your accounts are only as strong as the tools keeping them secure. One of the most effective ways of protecting your personal information and accounts is to use a strong passphrase.
Critical vulnerability present in certain versions of Apple iOS and iPadOS Alert
Oct 13, 2021 - A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.
Multi-factor authentication for stronger cyber protection News
Feb 25, 2021 - Australians are being urged to strengthen proof of identity protections to help stop cybercriminals gaining unauthorised access to online information and accounts.
Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows Alert
Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.
Remote code execution vulnerability present in the MSHTML component of Microsoft Windows Alert
Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.
ASD's ACSC Threat Report 2016 Reports and statistics
Oct 15, 2016 - This is the second Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD's ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.
Critical vulnerability present in SAP Internet Communication Manager Alert
Feb 11, 2022 - A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.
Remote code execution vulnerability present in Fortinet devices Alert
Oct 13, 2022 - A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.
Critical Infrastructure Uplift Program (CI-UP) Program page
Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.
Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Alert
Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.
Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity Advisory
Sep 2, 2020 - The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.
Multiple high severity vulnerabilities discovered in the Exim mail server Alert
May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.
Revamped guide to protect Australian businesses against cyber threats News
Jun 22, 2023 - Australian businesses have a new source of help to understand and combat cyber threats through the refreshed Small Business Cyber Security Guide and new video developed by the The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC).
Malware targeting Centreon software Alert
Feb 16, 2021 - ANSSI identifies campaign targeting Centreon system monitoring software.
Accessibility
Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.
Exploitation of Microsoft Office vulnerability: Follina Alert
Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.