You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying results for Displaying 361 - 390 of 517 results.
Small Business Cloud Security Guides: Technical Example - Configure Macro Settings Publication
Dec 16, 2022 Configuring macro settings protects an organisation’s systems from malicious macros. Macros are powerful tools. They were introduced to improve productivity however their functionality can also be used by cyber criminals to compromise a user’s system.
Vulnerability in Fortinet’s FortiManager Alert
Oct 24, 2024 The ASD’s ACSC is aware of a vulnerability affecting all versions of Fortinet's FortiManager device that enables an unauthorised actor access to the FortiManager console (CVE-2024-47575). FortiManager devices provide centralised management of Fortinet devices from a single console.
Vulnerability in Progress Kemp products Alert
Feb 22, 2024 ASD’s ACSC is aware of a vulnerability (CVE-2024-1212) that affects all Progress Kemp LoadMaster releases after 7.2.48.1. Organisations are strongly encouraged to take immediate action to patch relevant systems.
New joint advisory on PRC botnet operations released News
Sep 19, 2024 Protect your organisation and yourself from botnet operations.
Industrial Control Systems Remote Access Protocol Publication
Oct 6, 2021 External parties may need to connect remotely to critical infrastructure control networks. This access is to allow the manufacturers of equipment used in Australia’s critical infrastructure the ability to maintain the equipment, when a fault is experienced that cannot be fixed in the required timeframe any other method.
Essential Eight Maturity Model Changes Publication
Nov 27, 2023 This publication provides an overview of the changes for the November 2023 release.
Widespread exposure of vulnerability in cPanel Alert
May 9, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting cPanel and cPanel managed websites. All Australian organisations should apply the available patches, and ensure staff are informed of the risks against their systems when clicking suspicious links.
Recommendations to mitigate Facebook flaw in 'View As' feature Advisory
Sep 29, 2018 This advisory provides information about how to protect yourself to minimise the risk of further breaches caused by attackers exploiting the flaw in the 'View As' feature on Facebook.
ASD's ACSC and international partners encourage action to mitigate risks for Log4j vulnerability News
Dec 23, 2021 ASD's ACSC and cyber security agency partners have issued a joint statement and advisory on the Log4j vulnerability providing technical details, mitigations and resources to help address the critical software flaw.
Important Vulnerabilities in Microsoft’s August 2023 Security Update Alert
Aug 10, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s August 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.
Bring Your Own Device for Executives Publication
Oct 6, 2021 Bring Your Own Device (BYOD) scenarios enable organisations to take advantage of new technologies faster. It also has the potential to reduce hardware costs and improve organisational productivity and flexibility. However, BYOD also introduces new risks to an organisation’s business and the security of its information, which need to be carefully considered before implementation.
Exploitation of Microsoft Office vulnerability: Follina Alert
Jun 15, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.
Cloud Assessment and Authorisation FAQ Publication
Jan 18, 2024 This publication provides answers to frequently asked questions on the Australian Signals Directorate (ASD)’s assessment and authorisation framework for cloud service providers (CSPs) and their cloud services.
Widespread outages relating to CrowdStrike software update Alert
Jul 21, 2024 A CrowdStrike software update has led to outages impacting Windows systems.
Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices Alert
Jun 13, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.
Essential Eight Assessment Process Guide Publication
Oct 2, 2024 This publication provides advice on how to assess the implementation of the Essential Eight.
Critical severity vulnerability in Fortinet FortiOS SSL-VPN Alert
Dec 13, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a heap-based buffer overflow vulnerability in FortiOS SSL-VPN. All Australian organisations should apply the available patch immediately.
Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices Alert
Dec 14, 2022 The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a critical vulnerability affecting many versions of Citrix Gateway and ADC. All Australian operators should check for indicators of compromise and install the latest updated versions.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
End of Support for Microsoft Windows and Microsoft Windows Server Publication
Mar 20, 2024 Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.
Critical vulnerabilities in GitLab Products Alert
Jan 15, 2024 The Australian Signals Directorate’s (ASD's) Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting GitLab Community Edition (CE) and Enterprise Edition (EE). Customers should update to a patched version immediately and enable multi-factor authentication for all GitLab accounts.
Critical vulnerabilities in ‘ownCloud’ file share Alert
Nov 29, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of multiple critical vulnerabilities affecting the file sync and sharing software ‘ownCloud’. This primarily impacts self-hosted instances of the open-source product. Those impacted should apply the patches available and consider the workarounds made available by the vendor.
Active exploitation of vulnerability in Microsoft Internet Information Services Alert
May 22, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware that sophisticated actors are actively exploiting a deserialisation vulnerability existing in all versions of Microsoft’s Internet Information Services (IIS) using the .NET framework (.NET). The vulnerability exploits the service’s VIEWSTATE parameter to allow for remote code execution by unauthorised users.
APT exploitation of Fortinet Vulnerabilities Alert
Apr 3, 2021 Advanced Persistent Threat (APT) actors targeting historic Fortinet vulnerabilities.
Australia’s second ever cyber sanction imposed News
May 8, 2024 Today the Australian Government, along with our international partners, has imposed a targeted financial sanction and travel ban on Russian citizen Dmitriy Khoroshev, for his leadership role in the notorious LockBit ransomware group.
Cloud Computing Security for Tenants Publication
Jan 18, 2024 This publication is designed to assist an organisation’s cyber security team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.
Cyber Security Guidelines
Jun 13, 2024 Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyber threats.
Cyber Security Principles Advice
Jun 13, 2024 Follow the Information Security Manual (ISM)'s cyber security principles to protect information technology and operational technology systems, applications and data from cyber threats.
Essential Eight
Nov 27, 2023 While no set of mitigation strategies are guaranteed to protect against all cyber threats, organisations are recommended to implement eight essential mitigation strategies from the Strategies to Mitigate Cyber Security Incidents as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.
National cyber security exercises for Australia’s electricity industry News
Apr 30, 2020 In November 2019, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies.
