Search

ASD's ACSC Threat Report 2016   Reports and statistics

Oct 15, 2016 - This is the second Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD's ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows   Alert

Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows   Alert

Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

Why it’s time to ditch your one password for passphrases   News

Apr 28, 2023 - Your accounts are only as strong as the tools keeping them secure. One of the most effective ways of protecting your personal information and accounts is to use a strong passphrase.

Critical vulnerability present in SAP Internet Communication Manager   Alert

Feb 11, 2022 - A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.

Multi-factor authentication   Guidance

Aug 30, 2023 - Multi-factor authentication (MFA) is one of the most effective ways to protect your valuable information and accounts against unauthorised access. 

Critical vulnerabilities in ‘ownCloud’ file share   Alert

Nov 29, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of multiple critical vulnerabilities affecting the file sync and sharing software ‘ownCloud’. This primarily impacts self-hosted instances of the open-source product. Those impacted should apply the patches available and consider the workarounds made available by the vendor.

Remote code execution vulnerability present in Fortinet devices   Alert

Oct 13, 2022 - A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.

Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity   Advisory

Sep 2, 2020 - The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.

Multiple high severity vulnerabilities discovered in the Exim mail server   Alert

May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Vulnerability in Ivanti Endpoint Manager Mobile (EPMM)   Alert

Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.

Malware targeting Centreon software   Alert

Feb 16, 2021 - ANSSI identifies campaign targeting Centreon system monitoring software.

Accessibility  

Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.

Kaseya VSA Supply-Chain Ransomware Attack   Alert

Jul 12, 2021 - Patch now available for Kaseya VSA platform.

Remote code execution vulnerability present in SonicWall SMA 100 series appliances   Alert

Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

ForgeRock Open AM critical vulnerability   Alert

Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Revamped guide to protect Australian businesses against cyber threats   News

Jun 22, 2023 - Australian businesses have a new source of help to understand and combat cyber threats through the refreshed Small Business Cyber Security Guide and new video developed by the The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC).

Remote code execution vulnerability present in Atlassian Confluence Server and Data Center   Alert

Jun 5, 2022 - A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends organisations restrict internet access to and from affected devices.

Cyber security incident response planning: Executive guidance   Publication

Dec 12, 2024 - The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyberthreats targeting Australian interests. Reporting cybersecurity incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.

Multiple vulnerabilities present in F5 products   Alert

May 9, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product Range. Affected Australian organisations should take appropriate action.

Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices   Alert

Dec 14, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.

Critical vulnerability in certain versions of Apache HTTP Server   Alert

Oct 8, 2021 - A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

Remote code execution vulnerability present in Sophos Firewall   Alert

Mar 30, 2022 - A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.

Critical Infrastructure Uplift Program (CI-UP)   Program page

Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.

National Exercise Program   Program page

Jul 12, 2018 - Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.

Delivering the goods in cyber security resilience to the transport and logistics sector   News

Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023

Joint guide for cybersecurity best practices for Smart Cities   News

Apr 20, 2023 - This guide provides three recommendations to help communities strengthen their cyber posture.

Supply chain compromise of 3CX DesktopApp   Alert

Mar 31, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a reported supply chain compromise affecting the 3CX DesktopApp, allowing malicious actors to conduct multi-stage attacks against users of the legitimate software. Australian users of affected versions of 3CX DesktopApp should immediately follow the vendor’s advice and investigate for signs of malicious activity.

Important Vulnerabilities in Microsoft’s August 2023 Security Update   Alert

Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.