Skip to main content
Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Report

Contact us

Portal login

  • About us

    About us

    Learn about who we are and what we do.

    About us
    • About ASD's ACSC
      • Who we are
      • Alerts and advisories
      • News
      • Reports and statistics
      • Contact us
  • Learn the basics

    Learn the basics

    Interactive tools and advice to boost your online safety.

    Learn cyber security Sign up for alerts
    • Explore the basics
      • Recognise and report scams
      • Set secure passphrases
      • Set up and perform regular backups
      • Turn on multi-factor authentication
      • Update your devices
      • Watch out for threats
      • Small business
      • Seniors
    • View resources
      • Glossary
      • Quiz library
      • Resources library
      • Translated Information
  • Protect yourself

    Protect yourself

    Advice and information about how to protect yourself online.

    Protect yourself Easy steps to secure yourself online Sign up for alerts
    • Securing your accounts
      • Multi-factor authentication
      • Passphrases
      • Passkeys
    • Securing your devices
      • How to secure your devices
      • How to back up your files and devices
      • How to update your device and software
    • Securing your email
      • Email security
    • Staying secure online
      • Connecting with others online
      • Protect yourself from scams
      • Online shopping
      • Connecting to public Wi-Fi and hotspots
      • Secure your Wi-Fi and router
      • Cybersecurity for charities and not-for-profits
    • Resources to protect yourself
      • Protecting your family
      • Personal cyber security guides
  • Threats

    Threats

    Common online security risks and advice on what you can do to protect yourself.

    Threats Report a cybercrime Sign up for alerts
    • Types of threats
      • Account compromise
      • Business email compromise
      • Cryptomining
      • Data breaches
      • Hacking
      • Identity theft
      • Malicious insiders
      • Malware
      • Phishing
      • Quishing
      • Ransomware
      • Scams
      • Social engineering
  • Report and recover

    Report and recover

    Respond to cyber threats and take steps to protect yourself from further harm.

    Report and recover Make a report Sign up for alerts
    • Report
      • Report a cybercrime, incident or vulnerability
      • Cybercrime - getting help
      • Single Reporting Portal
    • How we help during a cybersecurity incident
      • ASD’s role in cybersecurity: For legal practitioners
      • Supporting Australian organisations through a cybersecurity incident
      • Limited Use
    • Recover from
      • Account compromise
      • Business email compromise
      • Data breaches
      • Hacking
      • Identity theft
      • Malware
      • Ransomware
      • Scams
  • Resources for Business and Government

    Resources for business and government

    Resources for business and government agencies on cyber security.

    Resources for business and government Become an ASD partner Alerts and advisories Exercise in a Box
    • Essential cybersecurity
      • Critical Infrastructure
      • Essential Eight
      • Information security manual
      • Protecting your business and employees
      • Publications
      • Small business cyber security
      • Strategies to mitigate cyber security incidents
    • Maintaining devices and systems
      • Operational technology environments
      • ASD's Blueprint for Secure Cloud
      • Cloud security guidance
      • Outsourcing and procurement
      • Remote working and secure mobility
      • System hardening and administration
    • Governance and user education
      • Governance
      • User education
      • Artificial intelligence
      • Incident response
      • Modern defensible architecture
      • Secure by Design
    • Assessment and evaluation programs
      • Australian Information Security Evaluation Program (AISEP)
      • Critical Infrastructure Uplift Program (CI-UP)
      • Emanation Security Program
      • High Assurance Evaluation Program
      • Infosec Registered Assessors Program (IRAP)
      • Essential Eight Assessment Course
  • Contact us
  • Report a cybercrime or cyber security incident
  • Portal login
Australian Cyber
Security Hotline
1300 CYBER1 (1300 292 371)

Search

Filter results by

Content type

  • Advice and guidance
  • Alerts and advisories
  • News and media releases
  • Programs
  • Publications
  • Reports and statistics
  • Threats

Audience

  • Individuals & families
  • Small & medium businesses
  • Organisations & Critical Infrastructure
  • Government

Displaying search results for
Displaying 571 - 600 of 712 results.

Applied filters
Clear all filters

/about-us/alerts/remote-code-execution-vulnerability-present-sonicwall-sma-100-series-appliances

Remote code execution vulnerability present in SonicWall SMA 100 series appliances   Alert

Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-certain-versions-atlassian-confluence

Remote code execution vulnerability present in Atlassian Confluence Server and Data Center   Alert

Jun 5, 2022 - A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends organisations restrict internet access to and from affected devices.

Organisations & Critical Infrastructure
Government
/about-us/alerts/kaseya-vsa-supply-chain-ransomware-attack

Kaseya VSA Supply-Chain Ransomware Attack   Alert

Jul 12, 2021 - Patch now available for Kaseya VSA platform.

Organisations & Critical Infrastructure
Government
/about-us/alerts/forgerock-open-am-critical-vulnerability

ForgeRock Open AM critical vulnerability   Alert

Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.

Organisations & Critical Infrastructure
Government
/about-us/alerts/critical-vulnerabilities-citrix-gateway-and-application-delivery-controller-adc-devices

Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices   Alert

Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/multiple-vulnerabilities-present-f5-products

Multiple vulnerabilities present in F5 products   Alert

May 9, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action.

Organisations & Critical Infrastructure
Government
/about-us/view-all-content/news-and-media/2023-ASD-cyber-threat-report

Australian Signals Directorate releases 2023 ASD Cyber Threat Report   News

Nov 15, 2023 - The Australian Signals Directorate has released its fourth ASD Cyber Threat Report.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/exploitation-vulnerabilities-affecting-cisco-firewall-platforms

Exploitation of vulnerabilities affecting Cisco firewall platforms   Alert

Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.

Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-sophos-firewall

Remote code execution vulnerability present in Sophos Firewall   Alert

Mar 30, 2022 - A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/news/joint-guide-cybersecurity-best-practices-smart-cities

Joint guide for cybersecurity best practices for Smart Cities   News

Apr 20, 2023 - This guide provides three recommendations to help communities strengthen their cyber posture.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/important-vulnerabilities-microsofts-august-2023-security-update

Important Vulnerabilities in Microsoft’s August 2023 Security Update   Alert

Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/critical-vulnerability-certain-versions-apache-http-server

Critical vulnerability in certain versions of Apache HTTP Server   Alert

Oct 8, 2021 - A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/news/delivering-goods-cyber-security-resilience-transport-and-logistics-sector

Delivering the goods in cyber security resilience to the transport and logistics sector   News

Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023

Organisations & Critical Infrastructure
/about-us/alerts/supply-chain-compromise-of-3cx-desktopapp

Supply chain compromise of 3CX DesktopApp   Alert

Mar 31, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a reported supply chain compromise affecting the 3CX DesktopApp, allowing malicious actors to conduct multi-stage attacks against users of the legitimate software. Australian users of affected versions of 3CX DesktopApp should immediately follow the vendor’s advice and investigate for signs of malicious activity.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/assessment-and-evaluation-programs/national-exercise-program

National Exercise Program   Program page

Jul 12, 2018 - Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.

Organisations & Critical Infrastructure
Government
/report-and-recover/how-we-help-during-a-cybersecurity-incident/limited-use

Limited Use    Guidance

Dec 3, 2024 - The limited use obligation for the Australian Signals Directorate (ASD) has been legislated to add additional protections to the information organisations voluntarily provide to ASD, and to the information acquired or prepared by ASD with the consent of an organisation.

Small & medium businesses
Organisations & Critical Infrastructure
/about-us/alerts/active-exploitation-vulnerable-sitecore-experience-platform-content-management-systems

Active exploitation of vulnerable Sitecore Experience Platform content management systems   Alert

Nov 5, 2021 - There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisation should apply the available security update.

Organisations & Critical Infrastructure
Government
/about-us/alerts/apt-exploitation-fortinet-vulnerabilities

APT exploitation of Fortinet Vulnerabilities   Alert

Apr 3, 2021 - Advanced Persistent Threat (APT) actors targeting historic Fortinet vulnerabilities.

Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/serious-vulnerabilities-in-atlassian-products-including-confluence-jira-and-bitbucket

Serious vulnerabilities in Atlassian products including Confluence, Jira and Bitbucket   Alert

Dec 7, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is concerned about serious vulnerabilities in certain Atlassian products (CVE-2023-22522, CVE-2023-22523 and CVE-2022-1471) which are fixed by recent patches. Operators are urged to review Atlassian’s advice and implement recommended mitigations before exploitation begins.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-open-management-infrastructure-affects-certain-microsoft-azure-services

Remote code execution vulnerability present in Open Management Infrastructure, affects certain Microsoft Azure services   Alert

Sep 16, 2021 - A remote code execution vulnerability exists in Open Management Infrastructure, a management agent used in certain Linux-based Microsoft Azure services. Exploitation of this vulnerability could allow a malicious actor to take control of the vulnerable host. Affected organisations should apply the available security update.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/reports-and-statistics/asdacsc-annual-cyber-threat-report-july-2020-june-2021

ASD's ACSC Annual Cyber Threat Report, July 2020 to June 2021   Reports and statistics

Sep 15, 2021 - The ASD's ACSC Annual Cyber Threat Report 2020–21 has been produced by the Australian Cyber Security Centre, with contributions from the Defence Intelligence Organisation (DIO), Australian Criminal Intelligence Commission (ACIC), Australian Security Intelligence Organisation (ASIO), The Department of Home Affairs and industry partners.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/critical-vulnerabilities-present-certain-versions-apple-ios-macos-and-safari

Critical vulnerabilities present in certain versions of Apple iOS, macOS and Safari   Alert

Sep 14, 2021 - Vulnerabilities have been identified in certain versions of Apple iOS, macOS and Safari which could allow an actor to install malware or perform other actions on a vulnerable device or computer.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/sonicwall-breach

SonicWall Breach   Alert

Feb 4, 2021 - SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/exploitation-unitronics-programmable-logic-controllers-plcs

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/sonicwall-devices-targeted-ransomware-utilising-stolen-credentials

SonicWall devices targeted with ransomware utilising stolen credentials   Alert

Aug 3, 2021 - SonicWall devices are being targeted by a malicious cyber actor as targets for ransomware. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of likely related activity targeting Australian organisations.

Organisations & Critical Infrastructure
Government
/about-us/news/cisa-fbi-nsa-and-international-partners-issue-advisory-demonstrated-threats-and-capabilities-russian-state-sponsored-and-cyber-criminal-actors

CISA, FBI, NSA, and international partners issue advisory on demonstrated threats and capabilities of Russian state-sponsored and cyber criminal actors   News

Apr 22, 2022 - Since Russia’s invasion of Ukraine in February, the risk of malicious cyber operations by Russian state-sponsored and criminal cyber actors has increased. The threats to critical infrastructure could impact organisations both within and beyond Ukraine.

Organisations & Critical Infrastructure
Government
/about-us/news/exercise-box-here

Exercise in a Box is here   News

Nov 17, 2022 - This service provides an all in one platform that your organisation can use to assess and improve its cyber security practices in your own time, in a safe environment, and as many times as you want.

Small & medium businesses
Organisations & Critical Infrastructure
/about-us/alerts/potential-accellion-file-transfer-appliance-compromise

Potential Accellion File Transfer Appliance compromise   Alert

Feb 25, 2021 - The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.

Organisations & Critical Infrastructure
/about-us/about-asd-acsc/who-we-are

Who we are  

Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/revised-patch-released-disable-mitigation-against-spectre-variant-2

Revised patch released to disable mitigation against Spectre variant 2   Advisory

Jan 29, 2020 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.

Organisations & Critical Infrastructure
Government

Pagination

  • First page « First
  • Previous page ‹‹
  • …
  • Page 16
  • Page 17
  • Page 18
  • Page 19
  • Current page 20
  • Page 21
  • Page 22
  • Page 23
  • Page 24
  • Next page ››
  • Last page Last »
Report a cybersecurity incident for critical infrastructure
Get alerts on new threats Alert Service
Become an ASD Partner
Report a cybercrime or cybersecurity incident
Acknowledgement of Country Circle
Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities.
We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371)
  • Contact us
  • Glossary
  • View all content
  • Copyright
  • Privacy
  • Accessibility
  • Disclaimer
  • Careers
  • Social media terms of use

Popular pages

  • Essential Eight
  • Alerts and advisories
  • Information Security Manual
Authorised by the Australian Government, Canberra