Search

Australia is fighting back against ransomware   News

Jun 15, 2021 - Australians continue to be targeted by cybercriminals through ransomware campaigns impacting multiple sectors across our economy.

Remote code execution vulnerability present in the MSHTML component of Microsoft Windows   Alert

Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.

APT40 Advisory   Advisory

Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Important Vulnerabilities in Microsoft’s August 2023 Security Update   Alert

Aug 10, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Cybersecurity for charities and not-for-profits   Guidance

Mar 12, 2024 - How to avoid common cyberthreats and protect your mission .

Essential Eight Assessment Course   Program page

Jul 3, 2023 - The Essential Eight Assessment Course will help you understand the intent and application of the Essential Eight, learn to use ASD designed tools, and accurately test the implementation of the Essential Eight.

ASD's ACSC/NCSC collaboration to strengthen cyber security posture   News

Nov 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the UK’s National Cyber Security Centre (NCSC) are committed to improving our respective nation’s cyber security posture and protecting our networks from cyber threats.

Microsoft Releases Security Updates for Microsoft Edge Browser   Alert

Jun 30, 2021 - On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.

Online shoppers the target of Christmas cyber grinches   News

Nov 3, 2021 - In the lead-up to Black Friday and festive season sales, Australians must be alert to the cybercriminals seeking to steal your Christmas joy and your money.

Remote code execution vulnerability present in the Windows Scripting Engine of Microsoft Windows   Alert

Sep 16, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian customers should apply the security update provided by Microsoft.

Critical vulnerability present in certain versions of Microsoft Excel   Alert

Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Security considerations for edge devices   Publication

Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.

Hardening Linux workstations and servers   Publication

Nov 27, 2023 - This publication has been developed to assist organisations in understanding how to harden Linux workstations and servers.

Head ACSC Address to AISA Cyber Conference 2021   News

Mar 17, 2021 - The Future of Cyber Security in Australia’ – Address by Abigail Bradshaw CSC, on 15 March 2021 Canberra Convention Centre.

Passphrases  

Protect your accounts from cybercriminals with a secure password or passphrase.

Essential Eight explained   Publication

Nov 27, 2023 - This publication provides an overview of the Essential Eight.

Secure mobility  

Feb 4, 2021 - This page lists publications on mobile device management and usage.

Cancel COVID-19 cybercrime  

Oct 18, 2022 - Cybercriminals are adapting their methods to take advantage of the COVID-19 pandemic. We continue to receive reports from individuals, businesses and government departments about a range of different COVID-19-themed scams, online fraud and phishing campaigns.

Business resources  

Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.

Cybersecurity terminology   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.

Infamous Chisel   Advisory

Aug 31, 2023 - Malware Analysis Report.
A collection of components designed to enable remote access and exfiltrate information from Android phones.

Connecting to public Wi-Fi and hotspots   Guidance

Apr 11, 2023 - Public Wi-Fi hotspots are found everywhere in places like your local shops, cafes, hotels and even at some parks. They can be a convenient way to access the internet when you are out, have poor reception or are travelling overseas. Learn more about connecting to public Wi-Fi and hotspots securely.

The Commonwealth Cyber Security Posture in 2023   Reports and statistics

Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cybersecurity measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.

Vulnerability Disclosure Program   News

Nov 23, 2022 - New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.

Protecting your staff   Guidance

Apr 11, 2023 - An incident response plan can help organisations to respond to cybersecurity incidents while continuing to conduct business operations.

Microsoft Office Outlook Remote Code Execution Vulnerability   Alert

Feb 18, 2024 - ASD’s ACSC is aware of a vulnerability in Microsoft Office Outlook (CVE-2024-21413).
Users of Microsoft Office Outlook are strongly advised to follow the mitigation advice provided by Microsoft if they are vulnerable.

Google Releases Security Updates for Chrome Browser   Alert

Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.

Critical vulnerability discovered in HTTP.SYS in Microsoft Windows   Alert

May 13, 2021 - A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.