May 17, 2019 - Malicious actors are compromising Australian business Remote Desktop Protocol (RDP) services, also known as Windows Terminal Services or Windows Remote Desktop. In 2018 and 2019, the ACSC knows of more than 48,000 Australian RDP services that were accessible on the Internet, exposing more than 2,000 Australian businesses.
May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps.
Apr 30, 2019 - Applying patches to operating systems, applications and devices is critical to ensuring the security of systems. As such, patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents.
Apr 30, 2019 - This publication provides prioritised guidance on strategies that can be implemented to mitigate the cyber threat associated with malicious emails and email attachments.
Mar 21, 2019 - The Australian Cyber Security Centre (ACSC) advises users and administrators of WordPress version 5.1 to update their applications to WordPress 5.1.1. The update addresses a vulnerability that could allow an attacker to take control of an affected website. WordPress 5.1 and prior versions are affected. More information about the update can be found here
Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers.
Jan 11, 2019 - Following the global compromise of managed service providers or MSPs, the Australian Cyber Security Centre (ACSC) is calling on Australian businesses and individuals to be proactive in implementing better cyber security practices. While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.
Dec 21, 2018 - Microsoft has released a security update for Internet Explorer after receiving a report from Google about a new vulnerability that is being used in targeted attacks. Security vulnerabilities in applications can be used to execute malicious code on your systems, and using the latest version of applications is one way that you can better protect yourself, as we explain in the Essential Eight.
Dec 6, 2018 - Adobe has released security updates for its widely used Flash Player app to help users defend themselves against the latest malware. Users who fail to update their Flash Player app could be vulnerable to cyber criminals, who could use it as an opportunity to access data, programs, individual computers or networks.
Jul 26, 2018 - A new version of Google Chrome is now available that marks websites that don’t use HTTPS encryption as ‘not secure’. The ACSC advises all website owners to configure their website to serve web content only via the encrypted HTTPS protocol, and not via the unencrypted HTTP protocol.