You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 81 - 100 of 677 results.
Are your organisation’s edge devices secure? News
Feb 5, 2025 - New publication series for executives and IT practitioners on how to secure edge devices.
Don’t take BADCANDY from strangers – How your devices could be implanted and what to do about it Advisory
Oct 31, 2025 - ASD recommends that system operators take the following actions to remove the BADCANDY implant if compromised and to mitigate the risk of re-exploitation.
Update your devices to keep cybercriminals out News
May 3, 2021 - Updating the software on electronic devices is one of the easiest and most important ways all Australians can defend against cybercriminals and be protected from online threats.
Hardening Microsoft 365, Office 2021, Office 2019 and Office 2016 Publication
Jul 24, 2023 - Workstations are often targeted by malicious actors using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
ASD's ACSC Annual Cyber Threat Report, July 2019 to June 2020 Reports and statistics
Sep 3, 2020 - This report has been jointly produced by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the ACIC and the AFP, and is the first unclassified annual threat report since the ASD's ACSC became part of the ASD in July 2018. The report identifies and describes key cyber security threats targeting Australian systems and networks, and provides a range of examples and real-world case studies of malicious activity targeting Australian networks, between July 2019 and June 2020. It provides mitigation advice that all Australians and organisations can take to defend against these threats.
Improve your cyber security with the Quad Cyber Challenge! News
Apr 6, 2023 - The challenge is aimed at promoting responsible cyber security practices across Australia, India, Japan and the United States.
Summary of Tradecraft Trends for 2019-20 Alert
May 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigated and responded to numerous cyber security incidents during 2019 and 2020 so far.
VMware vCenter Server plugin remote code execution vulnerability (CVE-2021-21972) Alert
Feb 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of VMware vCenter Server products, including as part of VMware Cloud Foundation, to ensure their systems are promptly patched after the recent disclosure of a new remote code execution vulnerability.
After you've made a purchase Guidance
Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.
Bulletproof defense: mitigating risks from bulletproof hosting providers Publication
Nov 20, 2025 - This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers.
Cloud computing security for cloud service providers Publication
Jan 18, 2024 - This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.
"Bulletproof" hosting providers Publication
Jan 22, 2025 - Bulletproof hosting (BPH) providers lease cybercriminals a virtual and/or physical infrastructure from which to operate. BPH providers are a specific class of internet infrastructure service that enables malicious actors (including cybercriminals) to host illicit content and run operations on the internet.
Managed service providers: How to manage risk to customer networks Publication
Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.
Marketing and filtering email service providers Publication
Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.
Questions to ask managed service providers Publication
Oct 6, 2021 - Asking the right questions to managed service providers can help organisations better understand the cyber security of their systems and the services they provide.
New guidance for mitigating risks from bulletproof hosting providers News
Nov 20, 2025 - Get recommendations for ISPs and network defenders to counter cybercriminal activity enabled by bulletproof hosting providers without disrupting legitimate services.
"Bulletproof" hosting providers are not so bulletproof News
Jan 22, 2025 - Many cybercriminals rely on Bulletproof Hosting (BPH) providers to carry out their unlawful activities. Read our new publication to find out more about the role that BPH providers play in the cybercrime ecosystem.
Cyber threat actors compromising networks of major global telecommunications providers News
Dec 4, 2024 - New guidance is available for network defenders of communications infrastructure to strengthen visibility and harden devices against PRC-affiliated and other malicious cyber actors.
Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks News
May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.
