Search

Online shopping   Guidance

Nov 7, 2023 - Be secure when shopping online.

BADBAZAAR and MOONSHINE: Technical analysis and mitigations   Advisory

Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.

The Silent Heist: Cybercriminals use information stealer malware to compromise corporate networks   News

Sep 2, 2024 - New advisory released on information stealer malware used in cybercrime attacks.

Report and recover from a data breach   Guidance

Jul 14, 2023 - A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.

Australian Information Security Evaluation Program (AISEP)   Program page

Jul 2, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).

Identifying and Mitigating Living Off the Land Techniques   Advisory

Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.

Supporting Australian organisations through a cybersecurity incident   Guidance

Dec 18, 2024 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cybersecurity incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek  technical incident response advice and assistance.

2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0   Advisory

Aug 5, 2021 - The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.

#StopRansomware: Play ransomware   Advisory

Jun 5, 2025 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

Home  

Jul 19, 2022 - Welcome to the Australian Cyber Security Centre website - cyber.gov.au

Seniors  

Jun 23, 2023 - This guide provides some simple steps and resources to protect your personal information, accounts and life savings when going online.

Watch out for threats  

Nov 2, 2022 - Know what to look for to stay in control of your devices and applications.

Cloud computing security for tenants   Publication

Jan 18, 2024 - This publication is designed to assist an organisation’s cybersecurity team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.

After you've made a purchase   Guidance

Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.

Turn on multi-factor authentication  

Nov 9, 2022 - Protect your important accounts with extra login steps.

Threats  

Common online security risks and advice on what you can do to protect yourself.

2022-02: Australian organisations should urgently adopt an enhanced cyber security posture   Advisory

Apr 28, 2022 - Entities should follow ACSC advice and act on improving their resilience within a heightened threat environment.

Priority logs for SIEM ingestion: Practitioner guidance   Publication

May 27, 2025 - This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.

Best practices for event logging and threat detection   News

Aug 22, 2024 - Today we have released new event logging guidance, alongside our international partners, that defines the baseline for logging best practices to mitigate malicious cyber threats.

Secure your social media   Guidance

Jul 29, 2024 - Keep your social media secure by using these tips. Learn how to protect your accounts, privacy and information.

APT40 Advisory   Advisory

Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Protect yourself: Multi-factor authentication   Guidance

Oct 14, 2022 - Multi-factor authentication (MFA) is when you use two or more different types of actions to verify your identity.

Personal cyber security: First steps guide   Guidance

Apr 14, 2023 - The first of three cyber security guides in the personal cyber security series is designed to help everyday Australians understand a basic level of cyber security and how to take action to protect themselves from cyber threats.

Set up and perform regular backups  

Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.

Mitigation strategies for edge devices: Executive guidance   Publication

Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

PRC State-Sponsored Cyber Activity   Advisory

Mar 20, 2024 - This fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of
China (PRC) state-sponsored cyber actors known as "Volt Typhoon."

Set secure passphrases  

Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence. 

Report  

Apr 11, 2023 - Report a cybercrime, incident or vulnerability.

ASD's ACSC social media community  

Connect with us on Facebook, Twitter and YouTube, and find out how to subscribe to our RSS feeds.