You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for " advice covid 19 protecting your small business " Displaying 481 - 510 of 694 results.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Cloud computing security for executives Publication
Jan 18, 2024 - This publication is designed to provide executives from organisations looking to utilise cloud computing services an overview of the components that make up ‘cloud’ and help understand the security risks to be considered when using cloud computing.
Guidelines for cybersecurity documentation Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.
Multiple vulnerabilities in Jenkins products Alert
Jan 30, 2024 - ASD’s ACSC is aware of multiple vulnerabilities impacting Jenkins products including CVE 2024-23897 (Critical) & CVE-2024-23898 (High). Organisations using Jenkins products are strongly advised to follow the mitigation advice provided by Jenkins and patch affected versions.
Industrial control systems: Remote access protocol Publication
Oct 6, 2021 - External parties may need to connect remotely to critical infrastructure control networks. This access is to allow the manufacturers of equipment used in Australia’s critical infrastructure the ability to maintain the equipment, when a fault is experienced that cannot be fixed in the required timeframe any other method.
System hardening and administration
Apr 11, 2023 - It is important for all organisations to maintain the cybersecurity of their systems and data.
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities Advisory
Dec 23, 2021 - Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities.
Cloud security guidance
Jan 18, 2024 - This page lists publications on securing the use of cloud computing services.
System hardening
Dec 2, 2020 - This page lists publications on the hardening of applications and IT equipment.
2020-011: Critical Vulnerability in SAP NetWeaver Application Server (CVE-2020-6287) Advisory
Jul 14, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) recommends users of these products urgently apply available security patches to prevent an adversary from exploiting this vulnerability.
New joint advisory on Russian military cyber tactics released News
Sep 6, 2024 - Russian military cyber tactics, techniques and procedures targeting global critical infrastructure exposed in new joint advisory.
Web conferencing security Publication
Oct 6, 2021 - Web conferencing tools are essential for meeting with colleagues and clients online. This guide provides tips on how to choose a secure web conference provider, and what risks to be aware of.
ASD's ACSC Threat Report 2016 Reports and statistics
Oct 15, 2016 - This is the second Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD's ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.
Introduction to Cross Domain Solutions Publication
Oct 6, 2021 - This publication introduces technical and non-technical audiences to the concept of a Cross Domain Solution (CDS), a type of security capability that is used to connect discrete systems within separate security domains in an assured manner.
Disclaimer
Jan 8, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) publishes this website to distribute information to the public and government ICT security professionals. We regularly review and update the information provided.
System administration
Dec 3, 2020 - This page lists publications on securely administering systems.
Legacy IT management
Apr 11, 2024 - This page lists publications on managing the risks posed by legacy IT.
Call for presentations
Jul 9, 2025 -
ASD's Blueprint for Secure Cloud Publication
Feb 21, 2024 - The Blueprint provides better practice guidance, configuration guides and templates covering risk management, architecture and standard operating procedures developed as per the controls in ASD’s Information security manual (ISM).
Ransomware targeting Australian aged care and healthcare sectors Alert
Aug 2, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of increased targeting of healthcare, including hospitals and aged care, by ransomware campaigns undertaken by cyber criminals.
Google Releases Security Updates for Chrome Browser Alert
Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Essential Eight maturity model changes Publication
Nov 27, 2023 - This publication provides an overview of the changes for the November 2023 release.
JCSC virtual presentations on Log4j2 vulnerability – Friday 17 December News
Dec 16, 2021 - A critical alert and advisory has been published on the Log4j2 vulnerability. On Friday 17 December 2021, ASD's ACSC’s Joint Cyber Security Centres (JCSCs) will facilitate a series of virtual awareness and advice sessions about this vulnerability. Australians are urged to act now to secure their computer systems against this critical software vulnerability.
The Silent Heist: Cybercriminals use information stealer malware to compromise corporate networks News
Sep 2, 2024 - New advisory released on information stealer malware used in cybercrime attacks.
Strategies to mitigate cyber security incidents
Aug 30, 2023 - The Australian Signals Directorate has developed prioritised mitigation strategies to help organisations mitigate cyber security incidents caused by various cyber threats.
Remote working and secure mobility
Apr 11, 2023 - With an increase in remote working, it has never been more important to secure the use of mobile devices.
National Exercise Program Program page
Jul 12, 2018 - Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.
Cross Domain Solutions
Dec 3, 2020 - This page lists publications on security domains and trust boundaries.
Remote code execution vulnerability present in Fortinet devices Alert
Oct 13, 2022 - A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.
Supply chain compromise of 3CX DesktopApp Alert
Mar 31, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a reported supply chain compromise affecting the 3CX DesktopApp, allowing malicious actors to conduct multi-stage attacks against users of the legitimate software. Australian users of affected versions of 3CX DesktopApp should immediately follow the vendor’s advice and investigate for signs of malicious activity.