You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 31 - 60 of 642 results.
Recommendations to mitigate DDoS threats being made against Australian organisations Advisory
Feb 25, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.
2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor Alert
May 22, 2020 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publicly available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.
CISA, FBI, NSA, and international partners issue advisory on demonstrated threats and capabilities of Russian state-sponsored and cyber criminal actors News
Apr 22, 2022 - Since Russia’s invasion of Ukraine in February, the risk of malicious cyber operations by Russian state-sponsored and criminal cyber actors has increased. The threats to critical infrastructure could impact organisations both within and beyond Ukraine.
Remote code execution vulnerability present in Samba versions prior to 4.13.17 Alert
Feb 4, 2022 - A vulnerability (CVE-2021-44142) has been identified in Samba versions prior to 4.13.17. Exploitation of this vulnerability could allow a malicious cyber actor to perform privileged remote code execution. Affected Australian organisations should apply the available patch, including affected software vendors.
ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350) Advisory
Jul 15, 2020 - An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.
Remote code execution vulnerability in Windows DNS (CVE-2020-1350) Alert
Jul 15, 2020 - On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.
ACSC Threat Report 2017 Reports and statistics
Oct 15, 2017 - This is the third Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD’s ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.
ASD's ACSC Threat Report 2015 Reports and statistics
Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, their motives, and the type of malicious activities they are conducting and their impact on Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.
ASD's ACSC Threat Report 2016 Reports and statistics
Oct 15, 2016 - This is the second Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD's ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.
Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert
Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Critical security vulnerabilities affecting Mitel MiCollab version 9.8 SP1 FP2 (9.8.1.201) and earlier Alert
Dec 9, 2024 - ASD’s ACSC is aware of multiple critical vulnerabilities impacting Mitel MiCollab collaboration applications.
Junos OS 22.4R2 for MX304, EX4100-48MP, EX4100-24MP, EX4100-24P, EX4100-24T, EX4100-48P, EX4100-48T
May 11, 2023 - Juniper 22.4R2
VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972) Alert
Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.
Threat update: COVID-19 malicious cyber activity 20 April 2020 Advisory
Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.
Fast Flux: A national security threat Advisory
Apr 4, 2025 - This advisory is for network defenders and explains how Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection. It highlights the importance of using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux.
Annual Cyber Threat Report 2023-2024 Reports and statistics
Nov 20, 2024 - ASD’s Annual Cyber Threat Report 2023–24 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.
ISM OSCAL v2024.12.19
Dec 18, 2024 - ISM OSCAL v2024.12.19 - based on December 2024 Information Security Manual (ISM) and OSCAL version 1.1.2.
ASD Cyber Threat Report 2022-2023 Reports and statistics
Nov 14, 2023 - The ASD's Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online
ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022 Reports and statistics
Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability Advisory
Nov 29, 2023 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
ISM OSCAL v2022.09.14
ISM OSCAL v2022.09.14 - based on June 2022 Information Security Manual (ISM) and OSCAL version 1.0.4.
ISM OSCAL v2022.09.15
ISM OSCAL v2022.09.15 - based on September 2022 Information Security Manual (ISM) and OSCAL version 1.0.4.
Understanding Ransomware Threat Actors: LockBit Advisory
May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.
ISM OSCAL v2023.08.3
Aug 3, 2023 - ISM OSCAL v2023.08.3 - based on June 2023 Information Security Manual (ISM) and OSCAL version 1.1.0.
ISM OSCAL v2023.09.21
Sep 21, 2023 - ISM OSCAL v2023.09.21 - based on September 2023 Information Security Manual (ISM) and OSCAL version 1.1.0.
2021-010: ASD's ACSC Ransomware Profile - Conti Advisory
Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.
ISM OSCAL v2023.09.25
Sep 25, 2023 - ISM OSCAL v2023.09.25 - based on September 2023 Information Security Manual (ISM) and OSCAL version 1.1.1.
ISM OSCAL v2023.06.29
Jun 29, 2023 - ISM OSCAL v2023.06.29 - based on June 2023 Information Security Manual (ISM) and OSCAL version 1.0.4.
ISM OSCAL v2023.04.12
Apr 12, 2023 - ISM OSCAL v2023.04.12 - based on March 2023 Information Security Manual (ISM) and OSCAL version 1.0.4. A release that supersedes v2023.03.5.
