DirectCyber is a CSIRT (Cyber Security Incident Response Team) and CNA (CVE Numbering Authority) based in Australia.

We aim to be a direct effort to combat waves of mass-exploitation of high-severity vulnerabilities in enterprise applications with appalling security, with a focus on charities, non-profits, critical infrastructure, and SMBs that do not have budget for expensive cyber security services.

We track severe vulnerabilities and deliver high-fidelity alerts to organizations with internet-exposed vulnerable assets for free.

If you receive an email, phone call, posted mail, or front-desk delivery from us, it's because one or more of your IT assets are vulnerable to a high-severity vulnerability potentially under active exploitation. Please prioritize patching according to the severity of the issue.

See the vulnerabilities we were tracking each month.