Search

Critical remote code execution vulnerability found in the Log4j library Alert

Dec 21, 2021 A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.

2021-007: Log4j vulnerability – advice and mitigations Advisory

Dec 29, 2021 On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.

Remote Access to Operational Technology Environments Publication

Mar 28, 2023 Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cyber security defences for Operational Technology Environments (OTE) is not a decision that should be taken lightly.

Easy steps to secure yourself online Guidance

Apr 7, 2021 Reduce the risk of being targeted by cybercriminals by following these easy steps.

Vulnerability Disclosure Programs Explained Publication

Nov 23, 2022 A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.

Creating Strong Passphrases Guidance

Oct 6, 2021 The longer your passphrase, the better. As adversaries can crack a short password with very little effort or time, you can increase the time and effort it takes by using a passphrase instead.

Guidelines for System Monitoring Advice

Sep 26, 2024 This chapter of the Information Security Manual (ISM) provides guidance on system monitoring.

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services Advisory

May 22, 2020 This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Cloud Computing Security for Cloud Service Providers Publication

Jan 18, 2024 This publication is designed to assist Cloud Service Providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.

Implementing Multi-Factor Authentication Publication

Nov 27, 2023 This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.

Securing PowerShell in the Enterprise Publication

Oct 6, 2021 This publication describes a maturity framework for PowerShell, balancing the security and business requirements of organisations. This framework enables organisations to take incremental steps towards securing PowerShell across their environment.

How to Combat Fake Emails Publication

Oct 6, 2021 Organisations can reduce the likelihood of their domains being used to support fake emails by implementing Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records in their Domain Name System (DNS) configuration. Using DMARC with DomainKeys Identified Mail (DKIM) to sign emails provides further safety against fake emails. Likewise, organisations can better protect their users against fake emails by ensuring their email systems use and apply SPF, DKIM and DMARC policies on inbound email.

Guidelines for System Hardening Advice

Sep 26, 2024 This chapter of the Information Security Manual (ISM) provides guidance on system hardening.

Business Continuity in a Box Guidance

Aug 21, 2024 Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cyber security incident that has affected the availability or trust of existing systems.

2020-001-4: Remediation for critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Advisory

Jan 13, 2020 On 19 January 2020, Citrix released patches for two versions of the Citrix Application Delivery Controller (ADC) and Citrix Gateway appliances. Citrix expects to have patches available across all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP before the end of January 2020.

2020-002: Critical vulnerabilities for Microsoft Windows Alert

Jan 15, 2020 On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.

Act now to defend against vicious cybercriminals News

Jul 20, 2021 Cybercriminals are targeting Australians at an unprecedented level to steal sensitive information and money, including through business email compromise and ransomware attacks.

Active exploitation of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Alert

Jan 13, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.

Advisory 2021-002: Active exploitation of vulnerable Microsoft Exchange servers Advisory

Mar 26, 2021 On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling the malicious actor to access email accounts and to enable further compromise of the Exchange server and associated networks.

ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350) Advisory

Jul 15, 2020 An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.

Australia Post SMS scam targeting Australians Alert

Dec 13, 2019 With millions of parcel deliveries expected around the country, Australia Post is seeing widespread scam text (SMS) messages being sent to people, using their brand.

Australians urged to act on cyber alert News

Dec 15, 2021 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) issued an alert on a vulnerability in the Apache Log4j software library that exposed systems to potential cyberattack.

Back-up data to defend against cybercrime News

Mar 31, 2021 On World Back-up Day, the Australian Government is urging businesses, organisations and individuals to back-up their digital information to protect themselves against compromise.

Cloud Services Program page

Feb 24, 2023 The Cloud Services Certification Program (CSCP) ceased on 2 March 2020. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) ceased the Certified Cloud Services List (CCSL) on 27 July 2020 and concurrently released the Cloud Security Guidance package.

Conti ransomware incidents in Australia Alert

Dec 10, 2021 Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.

Critical vulnerability discovered in HTTP.SYS in Microsoft Windows Alert

May 13, 2021 A remote code execution vulnerability could enable a malicious cyber actor to compromise vulnerable Microsoft Windows hosts. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Critical vulnerability identified in Apple iOS and macOS Alert

Feb 12, 2022 A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.

Critical vulnerability present in SAP Internet Communication Manager Alert

Feb 11, 2022 A vulnerability has been identified in SAP Internet Communication Manager (ICM), a component of many SAP products, which may allow full system takeover. Affected organisations should apply the available security update.

Cyber Security Awareness Month 2021 News

Oct 5, 2021 October is Cyber Security Awareness Month.

Cyber Security Awareness Month 2023 News

Sep 25, 2023 October is Cyber Security Awareness Month, a time for all Australians to improve their cyber security knowledge and take action to protect their information and devices.