Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Latest threat advice

Microsoft Windows Security Vulnerability – ‘BlueKeep’ (CVE-2019-0708)

Jun 6, 2019 - Vulnerability The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) advises Windows users to ensure their systems are patched and up to date after Microsoft’s recent disclosure of new remote desktop vulnerability.
man and woman looking worried at laptop

Advisory – 2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor

May 16, 2019 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publically available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.

Manic Menagerie Investigation Report

Jan 29, 2019 - This report details technical findings and mitigation advice related to the extensive compromise of at least eight Australian web hosting providers investigated by the Australian Cyber Security Centre (ACSC) in May 2018. The information is designed for use by technical cyber security officers within Australian infrastructure organisations, large businesses and government agencies. This report includes indicators for web hosting providers and their customers to determine if they are victims of the campaign, which uses simple techniques and poses a risk for such organisations.

MSP Investigation Report

Dec 21, 2018 - The ACSC investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider. The compromise reflects those detailed in a 2017 public report ‘Operation Cloud Hopper’, which outlines APT10’s targeting of MSPs to leverage existing relationships with their customers and gain access to their customer networks.

Joint report on publicly available hacking tools

Oct 12, 2018 - This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the UK and USA. It highlights the use of five publicly available tools, observed in recent cyber incidents around the world. To aid the work of network defenders and system administrators, we also provide advice on limiting the effectiveness of these tools and detecting their use on a network.
Scammer calling

Phone scams

Aug 14, 2018 - There are many ways scammers try to get your information or money over the phone. They will usually pretend to be from a well-known organisation, such as a government agency, a utilities provider, Australia Post, a bank or the police. They can be incredibly convincing.
Leaked exploits


Aug 14, 2018 - Malware (short for 'malicious software') is software that cyber criminals use to harm your computer system or network. Cyber criminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks. Cyber criminals use malware for different reasons, most commonly to steal your confidential information, hold you to ransom or install damaging programs onto your device without your knowledge. Malware can get onto your device or system when you visit an untrustworthy website or download an infected file via an email or a portable device,…
Identity theft

Identity theft

Aug 14, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice.
Email scam

Email scams

Aug 14, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice.
Router targetted privacy

Secondary targeting

Aug 13, 2018 - Cyber adversaries will target the weakest link. If they are trying to target a network but it has strong cyber security, they will move to what's called secondary targeting. In secondary targeting, the adversary will try to compromise other networks that might be easier to target and hold the same information, are connected to their target network, or can provide information they can use to compromise the target network.