Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Security vulnerability

Assessing Security Vulnerabilities and Applying Patches

May 17, 2019 - Applying patches to operating systems, applications and devices is critical to ensuring the security of systems. As such, patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents. . Assessing Security Vulnerabilities and Applying Patches , Introduction Applying patches to operating systems, applications and devices is…

Data Spill Management Guide

May 17, 2019 - This publication provides guidance for managing data spills within an organisation. First published 2012; Lastest version April 2019 . Data Spill Management Guide (April 2019) , Introduction A data spill is the accidental or deliberate exposure of information into an uncontrolled or unauthorised environment, or to persons without a need-to-know. A data spill is…
man and woman looking worried at laptop

ACSC Advisory – 2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor

May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise. . Details Telerik offers…
WhatsApp logo

Users advised to update WhatsApp

May 15, 2019 - The Australian Cyber Security Centre (ACSC) advises users of WhatsApp to implement the latest fix for a reported vulnerability. Cyber criminals can use any weakness in apps to access your phone or device. To stay one step ahead of remote attackers, we recommend that you set your phone and device/s to auto update your apps. .
Map with GPS markers

GPS week roll over April 6th

Feb 20, 2019 - On April 6th, the GPS week counter rolls over and resets to zero. This change may affect Industrial Control Systems (ICSs) and Critical Infrastructure (CI) owners and operators. This rollover may affect log time stamp information, loss of communication between devices, inability to authenticate multi-factor authentication, or the ability to log in to computers. . What is GPS time and what’s changing…
Feature - mobile security

What Executives Should Know About Cyber Security

Jan 4, 2019 - This publication discusses high-level topics that executives should know about cyber security within their organisations. .

Protecting Web Applications and Users

Jan 4, 2019 - This publication provides guidance on how to deploy low cost, yet effective, security controls to existing web applications without a need to change their source code. .
Cisco logo

Exploitation of Critical Cisco ASA Vulnerability

Feb 10, 2018 - The ACSC has become aware of a change in the threat situation surrounding the recently announced Cisco ASA critical remote code execution vulnerability. Proof of concept code is now available which results in a denial of service condition on targeted vulnerable devices. Cisco first released a security advisory on 29 January detailing the vulnerability and affected devices but has since identified additional attack…
Cyber strategy

Strategies to Mitigate Cyber Security Incidents - Mitigation Details

Feb 5, 2017 - This publication helps organisations mitigate cyber security incidents caused by various cyber threats. It addresses targeted cyber intrusions, adversaries with destructive intent, malicious insiders, ‘business email compromise’ and industrial control systems..