Search

Educational pack for seniors   Guidance

Jun 23, 2023 - This educational pack provides engaging content to help seniors learn how to stay cyber secure. Practical steps and topics range from a basic to advanced level.

Netlogon elevation of privilege vulnerability (CVE-2020-1472)   Alert

Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.

You can’t outsource risk: Advice for using cloud services   News

Oct 20, 2025 - Discover your shared responsibilities when using a cloud service provider.

IoT Secure by Design guidance for manufacturers   Publication

Sep 21, 2023 - This guidance has been produced for manufacturers in order to help them implement thirteen Secure by Design principles.

Multiple high-severity vulnerabilities in F5 products and incident impacting F5   Alert

Oct 16, 2025 - F5 has released multiple security advisories affecting BIG-IP, BIG-IP Next, F5OS, and Silverline products. The most critical issues include vulnerabilities in SCP/SFTP, SSL/TLS, HTTP/2, and TMM components, with several rated high (CVSS up to 8.8). Exploitation could allow remote code execution, data exposure, or denial of service.

The Case for Memory Safe Roadmaps – Joint Cyber Security Guide   News

Dec 7, 2023 - In partnership with our international partners we released a joint cyber security guidance on Secure-by-Design memory safe roadmaps.

Infamous Chisel   Advisory

Aug 31, 2023 - Malware Analysis Report.
A collection of components designed to enable remote access and exfiltrate information from Android phones.

Microsoft's investment in Australia’s cyber security   News

Oct 24, 2023 - The Prime Minister has announced Microsoft’s $5 billion commitment to building Australia’s cyber defence.

Creating Strong Passphrases   Guidance

Oct 6, 2021 - The longer your passphrase, the better. As adversaries can crack a short password with very little effort or time, you can increase the time and effort it takes by using a passphrase instead.

Report and recover from identity theft   Guidance

Nov 14, 2024 - Know where to make a report and get help if someone has stolen your personal or business identity.

Introduction of legislative change for Limited Use obligation    News

Oct 31, 2024 - On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).

Implementing SIEM and SOAR platforms   Guidance

May 27, 2025 - SIEM and SOAR platforms can greatly benefit your organisation by collecting, centralising, and analysing important data, detecting cyber security events and incidents and prompting timely intervention.

Guidelines for email   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on email.

Essential Eight Maturity Model Update   News

Nov 27, 2023 - The Australian Signals Directorate has updated the Essential Eight Maturity Model (E8MM).

Cyber security for charities and not-for-profit organisations   News

Mar 18, 2024 - With cyber-attacks continuing to increase in frequency and severity across all sectors, the Australian Signals Directorate is encouraging charities and not-for-profit organisations to take action to protect their online systems.

Guidelines for enterprise mobility   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on enterprise mobility.

Security tips for online gaming   Guidance

Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.

Guidelines for cybersecurity documentation   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.

Malware   Threat

Nov 10, 2023 - Malware (short for 'malicious software') is software that cybercriminals use to harm your computer system or network. Cybercriminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks.

Page not found  

Jun 14, 2020 - Page not found for error 404

Guidelines for communications systems   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications systems.

Take action this Cyber Security Awareness Month   News

Oct 1, 2025 - Don’t get caught missing in action this Cyber Security Awareness Month.

Passphrases  

Protect your accounts from cybercriminals with a secure password or passphrase.

Delivering the goods in cyber security resilience to the transport and logistics sector   News

Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023

Advisory 2021-002: Active exploitation of vulnerable Microsoft Exchange servers   Advisory

Mar 26, 2021 - On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling the malicious actor to access email accounts and to enable further compromise of the Exchange server and associated networks.

Kaseya VSA Supply-Chain Ransomware Attack   Alert

Jul 12, 2021 - Patch now available for Kaseya VSA platform.

Cybercriminals scanning Australian entities for serious cyber vulnerability   News

Dec 21, 2021 - Australians must urgently patch applications and software products as malicious cyber adversaries conduct thousands of scans in search of the vulnerability related to the critical Log4j software flaw.

Conti ransomware incidents in Australia   Alert

Dec 10, 2021 - Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.

Widespread outages relating to CrowdStrike software update   Alert

Jul 21, 2024 - A CrowdStrike software update has led to outages impacting Windows systems.

Critical vulnerability identified in Apple iOS and macOS   Alert

Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.