Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Patching strategies

Software update

You need to patch to protect your business online

May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses. The ACSC believes these compromises are part of ongoing campaigns to exploit cybersecurity…

Assessing Security Vulnerabilities and Applying Patches

May 17, 2019 - Applying patches to operating systems, applications and devices is critical to ensuring the security of systems. As such, patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents. . Assessing Security Vulnerabilities and Applying Patches , Introduction Applying patches to operating systems, applications and devices is…
WhatsApp logo

Users advised to update WhatsApp

May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps. .
Wordpress logo

WordPress 5.1.1 security update

Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected. More information about the update can be found here Staying safe Security updates fix vulnerabilities or weaknesses in…
Map with GPS markers

GPS week roll over April 6th

Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers. . What is GPS time and what’s changing…
Email scam

Malicious Email Mitigation Strategies

Jan 14, 2019 - This publication provides prioritised guidance on strategies that can be implemented to mitigate the cyber threat associated with malicious emails and email attachments. Malicious Email Mitigation Strategies (January 2019) First published 2016; updated January 2019 Introduction Socially-engineered emails containing malicious attachments and embedded links have been observed by the Australian Cyber Security Centre (…
SOC

Implementing the Essential Eight for MSPs

Jan 11, 2019 - Following the global compromise of managed service providers or MSPs, the Australian Cyber Security Centre (ACSC) is calling on Australian businesses and individuals to be proactive in implementing better cyber security practices. While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This…

Microsoft warns of Internet Explorer vulnerability

Dec 21, 2018 - Microsoft has released a security update for Internet Explorer after receiving a report from Google about a new vulnerability that is being used in targeted attacks. Security vulnerabilities in applications can be used to execute malicious code on your systems, and using the latest version of applications is one way that you can better protect yourself, as we explain in the Essential Eight. According to Microsoft,…
Flash player logo

Adobe urges users to patch Flash Player

Dec 6, 2018 - Adobe has released security updates for its widely used Flash Player app to help users defend themselves against the latest malware. Users who fail to update their Flash Player app could be vulnerable to cyber criminals, who could use it as an opportunity to access data, programs, individual computers or networks. The company said the updates – for Windows, macOS, Linux and Chrome OS – address one critical vulnerability…
Feature - Password security

New Google Chrome update to highlight website security

Jul 26, 2018 - A new version of Google Chrome is now available that marks websites that don’t use HTTPS encryption as ‘not secure’. The ACSC advises all website owners to configure their website to serve web content only via the encrypted HTTPS protocol, and not via the unencrypted HTTP protocol. .