Apr 30, 2019 - This publication provides prioritised guidance on strategies that can be implemented to mitigate the cyber threat associated with malicious emails and email attachments.
Jan 9, 2019 - The Australian Cyber Security Centre (ACSC) is aware that messages are circulating on Whatsapp that attempt to lure people into using a ‘gold’ version of the app. The scam urges victims to sign up for an ‘upgrade’. After clicking on the link you would be redirected to a fake page and your phone would become infected with malware. Remember, any updates to WhatsApp usually happen automatically through the app. If you receive a request to download 'WhatsApp Gold' do not click the link. Delete it.
Dec 6, 2018 - Adobe has released security updates for its widely used Flash Player app to help users defend themselves against the latest malware. Users who fail to update their Flash Player app could be vulnerable to cyber criminals, who could use it as an opportunity to access data, programs, individual computers or networks.
Sep 17, 2018 - Fraudsters often try to exploit our willingness to help those in need, as Australians have experienced in the aftermath of devastating cyclones. The National Cybersecurity and Communications Integration Centre (NCCIC) in the United States has warned users and administrators to be vigilant for malicious cyber activity in the aftermath of Hurricane Florence. Fraudulent emails commonly appear after major natural disasters and often contain links or attachments that direct users to malicious websites.
Aug 14, 2018 - Malware (short for 'malicious software') is software that cyber criminals use to harm your computer system or network. Cyber criminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks. Cyber criminals use malware for different reasons, most commonly to steal your confidential information, hold you to ransom or install damaging programs onto your device without your knowledge. Malware can get onto your device or system when you visit an untrustworthy website or download an infected file via an email or a portable device,…
Aug 13, 2018 - Ransomware is a type of malware that denies access to files or computer systems until a ransom is paid. Ransomware can get onto your device in the same way as other malware or a virus, for example by visiting unsafe or suspicious websites, opening emails or files from someone you don't know, clicking on 'malicious' links in social media and peer-to-peer networks.
Jul 1, 2018 - The cyber threat to Australian individuals and organisations is undeniable, unrelenting and continues to grow. You could be a target even if you don't think the information held on your networks is valuable, or that your business would be of interest to cyber adversaries. Many organisations are at risk purely because they are vulnerable through unpatched software or unaware staff members. Common threats impacting Australians include:
Jul 1, 2018 - The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have released a new report, covering technical details on the tools and infrastructure used by North Korean state-sponsored cyber actors. This is the latest in a series of Malware Analysis Reports (MAR) relating to activity by North Korea. The Australian Cyber Security Centre is sharing this information to enable network defenders to identify and reduce exposure to the persistent threat of criminal and state-sponsored cyber actors.
May 25, 2018 - Australian users need to be aware of VPNFilter malware, which is known to affect networking equipment including Linksys, MikroTik, Netgear and TP-Link, as well as QNAP network-attached storage (NAS) devices. Once a malicious actor compromises a device using VPNFilter malware, they are able to collect network traffic (including website credentials) traversing the device. Importantly, the malware can also be used to disable the device.
Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help technical cyber security professionals in all organisations mitigate cyber security incidents. This guidance addresses targeted cyber intrusions (e.g. executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, 'business email compromise' and industrial control systems.