This page lists the ACSC’s publications on miscellaneous cyber security topics.
An Examination of the Redaction Functionality of Adobe Acrobat Pro DC 2017
This document provides guidance on the efficacy of redaction facilities within Adobe Acrobat Pro DC 2017 and is intended for information technology and information security professionals within organisations looking to redact sensitive or personal information from PDF documents before releasing them into the public domain or to other third parties.
Defending Against the Malicious Use of the Tor Network
Blocking traffic from the Tor network will prevent adversaries from using the Tor network to easily conduct anonymous reconnaissance and exploitation of systems and typically has minimal, if any, impact on legitimate users. This publication provides guidance on the prevention and detection of traffic from the Tor network.
Domain Name System Security for Domain Owners
This publication provides information on Domain Name System (DNS) security for domain owners, as well as mitigation strategies to reduce the risk of misuse of domains and associated resources. Organisations are recommended to implement the mitigation strategies in this publication to improve the security of their DNS infrastructure.
Domain Name System Security for Domain Resolvers
This publication provides information on Domain Name System (DNS) security for recursive resolution servers, as well as mitigation strategies to reduce the risk of DNS resolver subversion or compromise. Organisations should implement the mitigation strategies in this publication to improve the security of their DNS infrastructure.
Mitigating Drive-by Downloads
Adversaries are increasingly using drive‐by download techniques to deliver malicious software that compromises computers. This document explains how drive‐by downloads operate and how compromise from these techniques can be mitigated.
Mitigating Java-based Intrusions
Java applications are widely deployed by organisations. As such, exploiting security vulnerabilities in the Java platform is particularly attractive to adversaries seeking unauthorised access to organisations’ networks.