Search

Log4j: What Boards and Directors Need to Know   Advisory

Jan 7, 2022 - Log4j is a software library used as a building block found in a wide variety of Java applications. The Log4j vulnerability – otherwise known as Log4Shell – is trivial to exploit, and represents a significant business continuity risk. This publication outlines what Boards and Directors need to know in order to protect their businesses.

ASD's ACSC Threat Report 2015   Reports and statistics

Jul 15, 2015 - This report describes the range of cyber adversaries targeting Australian networks, their motives, and the type of malicious activities they are conducting and their impact on Australian networks during 2014. It also offers mitigation advice on how organisations can defend against these activities.

Critical vulnerability in certain versions of Apache HTTP Server   Alert

Oct 8, 2021 - A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.

Exploitation of Microsoft Office vulnerability: Follina   Alert

Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.

Potential Accellion File Transfer Appliance compromise   Alert

Feb 25, 2021 - The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.

Principles of operational technology cybersecurity   Publication

Oct 2, 2024 - Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cybersecurity and safety of their OT.

Security configuration guide: Viasat Mobile Dynamic Defense   Publication

Oct 6, 2021 - ASD has developed this guide to assist Australian’s to understand risks when deploying Viasat MDD devices and the security requirements that need to be met to allow them to handle classified data.

Limited Use    Guidance

Dec 3, 2024 - The limited use obligation for the Australian Signals Directorate (ASD) has been legislated to add additional protections to the information organisations voluntarily provide to ASD, and to the information acquired or prepared by ASD with the consent of an organisation.

2020-002: Critical vulnerabilities for Microsoft Windows   Alert

Jan 15, 2020 - On 15 January 2020 (AEDT), Microsoft released security patches for three critical and one important vulnerabilities in the Microsoft Remote Desktop Client, Remote Desktop Gateway and the Windows operating system. The ACSC recommends that users of these products apply patches urgently to prevent malicious actors from using these vulnerabilities to compromise your network.

Cyber Skills Framework   Publication

Sep 10, 2020 - The Cyber Skills Framework enables targeted recruitment of cyber specialists, provides a development pathway for current and future cyber staff, and aligns skills, knowledge and attributes with national and international industry standards.

Critical Vulnerability in popular Java framework Apache Struts2   Alert

Dec 14, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is concerned about a critical Remote Code Execution (RCE) vulnerability in Apache Struts2. This primarily affects Java applications which use this framework. Apache Struts2 is widely used in enterprise and bespoke Java applications.

ASD's Blueprint for Secure Cloud   Publication

Feb 21, 2024 - The Blueprint provides better practice guidance, configuration guides and templates covering risk management, architecture and standard operating procedures developed as per the controls in ASD’s Information security manual (ISM).

Gateway security guidance package: Gateway security principles   Publication

Jul 29, 2022 - Guidance written for audiences responsible for the procurement, operation and management of gateways.

Domain Name System security for domain resolvers   Publication

Oct 6, 2021 - This publication explores DNS security for recursive resolution servers. It also shares helpful strategies to reduce the risk of DNS resolver subversion or compromise.

Gootkit Loader continues to be used on multiple Australian networks   Advisory

Dec 23, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to observe instances of Gootkit JavaScript (JS) Loaders on multiple Australian networks in 2022. Open source reporting also indicates continued Gootkit activity.

Hardening Microsoft Windows 10 and Windows 11 workstations   Publication

Jul 16, 2024 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10 and Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2 and Windows 11 version 23H2.

Using the Information security manual   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.

Gateway security guidance package: Overview   Publication

Jul 29, 2022 - This page provides an overview of ASD’s Gateway security guidance package.

Detecting socially engineered messages   Publication

Oct 6, 2021 - Socially engineered messages pose a significant threat to organisations. They can have a big impact, helping malicious actors access accounts, systems or sensitive information. Learn how to spot a socially engineered message, including through email, SMS, social media or messaging apps.

Social media terms of use  

May 7, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services   Advisory

May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Secure your user account   Guidance

Jan 24, 2024 - A user account is the account you use to sign in on your computer at home, school or work. Cybercriminals will target unsecure accounts and take advantage of poor security habits within the home and businesses. Their goal is to get access to your computer and steal your information. There are many ways to improve your account security, keep your accounts safe and avoid being the victim of a cyberattack.

Security tips for online gaming   Guidance

Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.

Vulnerability disclosure programs explained   Publication

Dec 12, 2024 - A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.

Windows event logging and forwarding   Publication

Oct 6, 2021 - This publication has been developed as a guide to the setup and configuration of Microsoft Windows event logging and forwarding.

Internet of Things devices   Guidance

Apr 11, 2023 - IoT devices can include smart televisions, security cameras and fridges. Learn how to buy and use IoT devices securely.

Planning for critical vulnerabilities: What the board of directors needs to know   Publication

Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.

Securing customer personal data   Guidance

Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Industrial control systems: Remote access protocol   Publication

Oct 6, 2021 - External parties may need to connect remotely to critical infrastructure control networks. This access is to allow the manufacturers of equipment used in Australia’s critical infrastructure the ability to maintain the equipment, when a fault is experienced that cannot be fixed in the required timeframe any other method.

Implementing network segmentation and segregation   Publication

Oct 6, 2021 - Learn about practical strategies to make it harder for malicious actors to access sensitive data. This guidance is for those responsible for an organisation’s network architecture and design.