Latest threat advice

Advisory 2020-003: Mailto ransomware incidents

Feb 6, 2020 - Overview: The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family. At this time, the ACSC is unaware whether these incidents are indicative of a broader campaign. Details: Currently, the ACSC has limited information about the initial intrusion vector for Mailto infections.

Advisory 2020-002: Critical Vulnerabilities for Microsoft Windows Announced, Patch Urgently

Jan 15, 2020 - On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.

Advisory 2020-001-4: Active Exploitation of Critical Vulnerability in Citrix Application Delivery Controller and Citrix Gateway

Jan 13, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.

Cybercrime in Australia – July to September 2019

Dec 16, 2019 - As part of its role to lead government efforts to improve cyber security, the Australian Signals Directorate's Australian Cyber Security Centre (ACSC) reveals the most common cybercrimes affecting Australians in the Cybercrime in Australia July to September 2019 report.

Advisory 2019-131a: Emotet malware campaign

Nov 8, 2019 - Overview: The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed an ongoing and widespread campaign of malicious emails designed to spread Emotet across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies. Emotet provides an attacker with a foothold in a network from which additional attacks can be performed, often leading to further compromise through the deployment of ransomware.

Advisory – 2019-129: File Disclosure Vulnerability in Pulse Connect Secure VPN Software

Oct 1, 2019 - Overview: The Australian Signals Directorate’s Australian Cyber Security Centre is aware of a vulnerability that exists in the Pulse Connect Secure Virtual Private Network (VPN) solution. We advise users to ensure their systems are patched and up to date. The Pulse VPN Vulnerability, also known as CVE-2019-11510, was initially disclosed in April 2019 but has resurfaced after multiple reports of exploitation and the disclosure of working exploits available for use on Pastebin and GitHub.

External Advisories

Jul 30, 2019 - ICS-CERT Alerts - An ICS-CERT Alert is intended to provide timely notification to critical infrastructure owners and operators concerning threats or activity with the potential to impact critical infrastructure computing networks. ICS-CERT Advisories - Advisories provide timely information about current security issues, vulnerabilities, and exploits.

ACSC ADVISORY: Sextortion Campaign

Jul 24, 2019 - The ACSC is aware of a sextortion scam email campaign targeting the Australian community. The ACSC, Office of the eSafety Commissioner and Scamwatch have received over 300 reports this week. This scam may appear to originate from an individual’s own email address and threatens to release personal and sensitive information unless the scammer is paid money.

Advisory – 2019-009: Securing Unprotected Network and Data Services

Jul 3, 2019 - The ACSC has observed a large number of unprotected network and database/storage services hosted on Australian IP address ranges. This exposure may lead to data contained in these services being compromised. The ACSC urges organisations to check their externally facing internet services and ensure appropriate access controls and protections are in place.