Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Latest threat advice

New US Malware Report on state-sponsored actors

Jul 1, 2018 - The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have released a new report, covering technical details on the tools and infrastructure used by North Korean state-sponsored cyber actors. This is the latest in a series of Malware Analysis Reports (MAR) relating to activity by North Korea. The Australian Cyber Security Centre is sharing this information to enable network defenders to identify and reduce exposure to the persistent threat of criminal and state-sponsored cyber actors.
VPN Filter Attack

Protect your devices against VPNFilter malware

May 25, 2018 - Australian users need to be aware of VPNFilter malware, which is known to affect networking equipment including Linksys, MikroTik, Netgear and TP-Link, as well as QNAP network-attached storage (NAS) devices. Once a malicious actor compromises a device using VPNFilter malware, they are able to collect network traffic (including website credentials) traversing the device. Importantly, the malware can also be used to disable the device.

Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors

Apr 17, 2018 - Russian state-sponsored actors are responsible for activity targeting Cisco devices using the Smart Install feature worldwide, including Australia. Cisco has published the actions needed to secure the Smart Install feature in, Action Required to Secure the Cisco IOS and IOS XE Smart Install Feature.

Processor vulnerabilities (Meltdown/Spectre)

Jan 29, 2018 - Security researchers have uncovered widespread critical vulnerabilities affecting modern processors

ACSC Threat Report 2017

Oct 15, 2017 - This is the third Australian Cyber Security Centre (ACSC) Threat Report. It continues to reflect the experience, focus, and mandates of the ACSC’s member organisations. This report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained. For the first time, this year’s Threat Report also includes insights into how the ACSC works and highlights some of the ways in which we have both proactively and reactively responded to cyber threats.

ACSC Threat Report 2016

Oct 15, 2016 - This is the second Australian Cyber Security Centre (ACSC) Threat Report. It continues to reflect the experience, focus, and mandates of the ACSC’s member organisations. This report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained. But we at the ACSC are not just focused on the problem. Importantly, this document also contains mitigation and remediation advice to assist organisations to prevent, and respond to, cyber threats.

Web Shells - Threat Awareness and Guidance

Nov 1, 2015 - Web shells can be used to leverage unauthorised access and can lead to wider network compromise. This advisory outlines the threat and provides prevention, detection and mitigation strategies for administrators of web servers that have active content languages installed.
Evaluation

ACSC Threat Report 2015

Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.