Search

Detecting Socially Engineered Messages Publication

Oct 6, 2021 Socially engineered messages pose a significant threat to organisations. They can have a big impact, helping malicious actors access accounts, systems or sensitive information. Learn how to spot a socially engineered message, including through email, SMS, social media or messaging apps.

An Introduction to Securing Smart Places Publication

Nov 21, 2022 Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.

Implementing Network Segmentation and Segregation Publication

Oct 6, 2021 Learn about practical strategies to make it harder for malicious actors to access sensitive data. This guidance is for those responsible for an organisation’s network architecture and design.

Restricting Administrative Privileges Publication

Nov 27, 2023 Learn how to restrict the use of administrative privileges. Restricting administrative privileges forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents.

Information Security Manual (ISM)

Sep 26, 2024 The Information Security Manual (ISM) is a cyber security framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyber threats.

Domain Name System Security for Domain Owners Publication

Oct 6, 2021 This publication provides information on DNS security for domain owners. It also shared helpful strategies to reduce the risk of domain misuse.

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities Advisory

Dec 23, 2021 Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities.

Important Vulnerabilities in Microsoft’s May 2023 Security Update Alert

May 11, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is concerned about vulnerabilities disclosed in Microsoft’s May 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations.

Recovering a compromised online account Guidance

Nov 10, 2023 Online accounts are important for our day-to-day activities and often store sensitive information about us. This can make them useful for cybercriminals looking to gain access to our resources or identities.

Safe software deployment: how software manufacturers can ensure reliability for customers Publication

Oct 25, 2024 It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.

Essential Eight Maturity Model and ISM Mapping Publication

Oct 2, 2024 This publication provides a mapping between the Essential Eight and the controls within the Information Security Manual (ISM).

Malicious Email Mitigation Strategies Publication

Oct 6, 2021 Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

System monitoring

Dec 3, 2020 This page lists publications on performing effective system monitoring.

Recovering a compromised email account Guidance

Nov 10, 2023 Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets.

2020-003: Mailto ransomware incidents Alert

Feb 6, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

The ASD's ACSC asks, ‘Have you been hacked?’ News

Aug 16, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has launched a new online tool to help people who may be a victim of a cyber attack – Have you been hacked?

ASD's ACSC participation in Asia Pacific Computer Emergency Response Team (APCERT) Drill News

Aug 25, 2021 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has joined international partners in the annual Asia Pacific Computer Emergency Response Team (APCERT) Drill.

ASD's ACSC urges victims to report cybercrimes News

Jul 17, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is urging all Australians to report cybercrimes immediately to ReportCyber amid the growing number of cybercrimes impacting Australians.

Avaddon Ransomware Alert

May 8, 2021 Increase in Avaddon ransomware attacks in Australia.

Critical Vulnerability affecting Fortinet’s FortiClientEMS Alert

Mar 22, 2024 ASD’s ACSC is aware of a critical vulnerability (CVE-2023-48788) affecting Fortinet’s FortiClientEMS. Organisations are strongly encouraged to take immediate action to ensure affected instances are patched and investigate for potential compromise.

Critical vulnerability in certain Hikvision products, IP cameras Alert

Sep 22, 2021 A critical vulnerability exists in Hikvision products, including IP cameras, which could allow a cyber actor to take full control of the device. Affected Australian customers should apply an appropriate firmware update provided by Hikvision.

Cyber security is essential when preparing for COVID-19 Advisory

Mar 13, 2020 In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.

ForgeRock Open AM critical vulnerability Alert

Jul 7, 2021 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.

How the ASD's ACSC can help during a cyber security incident News

Sep 11, 2023 The Australian Signal’s Directorate’s Australian Cyber Security Centre’s (ASD's ACSC) incident management capabilities provide technical advice and assistance to support Australian organisations through a cyber security incident response.

Kaseya VSA Supply-Chain Ransomware Attack Alert

Jul 12, 2021 Patch now available for Kaseya VSA platform.

LockBit 2.0 ransomware incidents in Australia Alert

Aug 5, 2021 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia.

Microsoft's investment in Australia’s cyber security News

Oct 24, 2023 The Prime Minister has announced Microsoft’s $5 billion commitment to building Australia’s cyber defence.

Potential exploitation of Click Studio’s PasswordState software Alert

Apr 27, 2021 On 24 April 2021, Australian software company Click Studios announced a compromise of the software update process for their enterprise password management software PasswordState, used by organisations in Australia and globally.

Remote code execution vulnerability present in Atlassian Confluence Server and Data Center Alert

Jun 5, 2022 A critical unauthenticated remote code execution vulnerability (CVE-2022-26134) has been identified in all supported versions of Atlassian Confluence Server and Data Center. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends organisations restrict internet access to and from affected devices.

Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert

Jan 19, 2022 A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.