Blog
Latest industry news, alerts and information related to cyber security compliance, privacy and governance
Top 5 Cyber Threats to Australian Small Businesses (2025): What Leaders Need to Know
Cyber as a Business Continuity Risk Many Small and Medium Business leaders believe cybersecurity risk is…
Is Australia’s Cyber Security Budget enough?
The government budget for the Australian Cyber Security Strategy Australia’s 2023-2030 Cyber Security Strategy sets an…
Australian Government Response to the Privacy Act Review: Key Highlights
Today the Australian Government has responded to the growing need to progress privacy rights by unveiling…
Preparing for ISO 27001:2022 Transition – A Guide for Australian Companies
In the rapidly evolving digital landscape, safeguarding sensitive data has become a requirement for businesses of…
Australian Privacy Act Reform: Impacts on Small Business
Australia’s Privacy Act 1988 is undergoing significant reform, with over a hundred concrete proposals to strengthen…
APRA Releases New Prudential Standard CPS 230 for Operational Risk Management: What You Need to Know
On 17th July 2023, the Australian Prudential Regulation Authority (APRA) unveiled the final version of Prudential…
Solutions for Cyber security Threats in the iGaming and Online Sports Betting Sector
The iGaming and Online Sports Betting industry faces significant cybersecurity challenges that can have severe consequences…
Mitigating AI Vulnerabilities: 5 Essential Steps
In today’s rapidly evolving digital landscape, organisations are increasingly embracing the power of Artificial Intelligence (AI)…
5 reason to implement ISO 27001
ISO 27001 is an international standard that provides a framework for managing information security. It is…
The Cost of Neglecting Privacy: Real-world Consequences of Security Negligence
In today’s digital landscape, the importance of privacy and data protection cannot be overstated. Neglecting to…
The Human Factor: Strengthening Cyber Security through Awareness Training
This post highlights the critical impact of human error in cyber security incidents and emphasises the…
Data Breaches: 5 steps to reduce your business exposure
In today’s data-driven world, the threat of data breaches looms large for businesses of all sizes….
The Impact of the Australian Privacy Act Review on Small and Medium-Sized Enterprises
In today’s digital age, data privacy is a growing concern for individuals and businesses alike. Recognising…
Critical severity vulnerability in Fortinet FortiOS SSL-VPN
The Australian Cyber Security Centre (ACSC) is aware of a heap-based buffer overflow vulnerability in FortiOS…
Critical vulnerabilities in Citrix Gateway and Application Delivery Controller (ADC) devices
The Australian Cyber Security Centre (ACSC) is aware of a critical vulnerability affecting many versions of…
Optus Data Breach
o help protect against fraud, Optus has notified customers to look to reputable sources such as…
Potential vulnerability associated with Microsoft Exchange
The ACSC is aware of a potential vulnerability associated with Microsoft Exchange Server (Exchange). Australian organisations…
Post-Quantum Cryptography
Exploitation of Microsoft Office vulnerability: Follina
The ACSC is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support…
Remote code execution vulnerability present in Atlassian Confluence Server and Data Center
Exploitation of Microsoft Office vulnerability: Follina
he ACSC is aware of active exploitation of the “Follina” zero-day vulnerability in the Microsoft Support…
Multiple vulnerabilities present in VMware products
The ACSC is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate…
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are…
Protecting Against Cyber Threats to Managed Service Providers and their Customers
This advisory describes cybersecurity best practices for information and communications technology (ICT), focusing on guidance that…
Multiple vulnerabilities present in F5 products
The ACSC is aware of a F5 Security Advisory Addressing Multiple Vulnerabilities in their BIG-IP Product…
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are…
2022-02: Australian organisations should urgently adopt an enhanced cyber security posture
Australian organisations encouraged to urgently adopt an enhanced cyber security posture Australian organisations are encouraged to…
Remote code execution vulnerability present in SonicWall SMA 100 series appliances
A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability…
Phone and email scammers impersonating the ACSC
The Australian government will NEVER phone you to request access to your computer, or request you…
2021-007: Log4j vulnerability – advice and mitigations
Critical remote code execution vulnerability found in the Log4j library A vulnerability (CVE-2021-44228) exists in certain…