Search

Critical Infrastructure Uplift Program (CI-UP)   Program

Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.

Implementing SIEM and SOAR platforms   Guidance

May 27, 2025 - SIEM and SOAR platforms can greatly benefit your organisation by collecting, centralising, and analysing important data, detecting cyber security events and incidents and prompting timely intervention.

Guidelines for system management   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on system management.

Serious vulnerabilities in Atlassian products including Confluence, Jira and Bitbucket   Alert

Dec 7, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is concerned about serious vulnerabilities in certain Atlassian products (CVE-2023-22522, CVE-2023-22523 and CVE-2022-1471) which are fixed by recent patches. Operators are urged to review Atlassian’s advice and implement recommended mitigations before exploitation begins.

Protect yourself: Multi-factor authentication   Guidance

Dec 5, 2025 - Multi-factor authentication (MFA) is when you use two or more different types of actions to verify your identity.

IRAP consumer guide   Program

Dec 15, 2020 - An IRAP Assessor will assist you by helping you to understand and implement security controls and recommendations to protect your systems and data.

Password managers   Guidance

May 12, 2025 - Learn how to create and store passwords in a secure location for your important accounts.

Secure your Apple macOS device   Guidance

Nov 29, 2024 - Your Apple macOS device often holds your most important data. Use these simple steps to protect your device from cyberattacks.

Secure your NAS device   Guidance

Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.

Critical vulnerability in Oracle E-Business Suite   Alert

Oct 7, 2025 - ASD’s ACSC recommends organisations update affected products to the latest versions and follow the advice detailed in the Oracle Security Advisory.

2020-002: Critical Vulnerabilities for Microsoft Windows, Patch Urgently   Advisory

Jan 15, 2020 - If you or your organisation uses any of the affected products, the ACSC recommends that you apply the patches urgently.

Internet of Things devices   Guidance

Apr 11, 2023 - IoT devices can include smart televisions, security cameras and fridges. Learn how to buy and use IoT devices securely.

IRAP application form   Program

May 7, 2024 - IRAP application form

Essential Eight Maturity Model Update   News

Nov 27, 2023 - The Australian Signals Directorate has updated the Essential Eight Maturity Model (E8MM).

Protecting your staff   Guidance

Apr 11, 2023 - An incident response plan can help organisations to respond to cybersecurity incidents while continuing to conduct business operations.

So you think you've been hacked  

Sep 1, 2022 - Use our interactive tool to find out what to do learn what steps to take if you think you’re the a victim of a cybercrime.

How to dispose of your device securely   Guidance

May 18, 2022 - You should consider that any devices you dispose of could be accessed by strangers.

Limited use obligation is now law   News

Dec 10, 2024 - On 29 November 2024, the Intelligence Services and Other Legislation Amendment (Cyber Security) Act 2024 became law.

The Case for Memory Safe Roadmaps – Joint Cyber Security Guide   News

Dec 7, 2023 - In partnership with our international partners we released a joint cyber security guidance on Secure-by-Design memory safe roadmaps.

Netlogon elevation of privilege vulnerability (CVE-2020-1472)   Alert

Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.