Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Security vulnerability

Microsoft Windows Security Vulnerability – ‘BlueKeep’ (CVE-2019-0708)

Jun 6, 2019 - Vulnerability The Australian Signals Directorate’s Australian Cyber Security Centre advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability.
Microsoft logo

Australian Cyber Security Centre advises Windows users across Australia to protect against BlueKeep

Jun 6, 2019 - The Australian Cyber Security Centre is aware of Microsoft’s recent disclosure of a remote desktop vulnerability called CVE-2019-0708, also known as BlueKeep. As an indication of just how significant the impacts of BlueKeep can be to their customers, Microsoft took the unusual step of publishing advice to warn of its ability to propagate or ‘worm’ through vulnerable computer systems, with no user interaction at all.
Canva logo

Canva users advised to change your password

May 25, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a security incident affecting the Australian online design platform, Canva. Canva assures the ACSC it has taken the necessary steps to mitigate the incident and is encouraging all users to change their passwords as a precaution. For more information and updates, see their public statement here.
man and woman looking worried at laptop

ACSC Advisory – 2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor

May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.
WhatsApp logo

Users advised to update WhatsApp

May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps.
Feature - mobile security

What Executives Should Know About Cyber Security

Apr 30, 2019 - This publication discusses high-level topics that executives should know about cyber security within their organisations.

Protecting Web Applications and Users

Apr 30, 2019 - This publication provides guidance on how to deploy low cost, yet effective, security controls to existing web applications without a need to change their source code.

Assessing Security Vulnerabilities and Applying Patches

Apr 30, 2019 - Applying patches to operating systems, applications and devices is critical to ensuring the security of systems. As such, patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents.

Data Spill Management Guide

Apr 30, 2019 - This publication provides guidance for managing data spills within an organisation. First published 2012; Lastest version April 2019
Map with GPS markers

GPS week roll over April 6th

Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers.