Search

Consider your cyber hygiene in light of global events   News

Dec 22, 2025 - Around the world, geopolitical tensions remain complex as nations navigate diplomatic, economic, and military challenges. ASD’s ACSC recommends that organisations continue to review their current cyber security posture and maintain sufficient monitoring for cyber threats.

The Commonwealth Cyber Security Posture in 2020   Reports and statistics

Jun 10, 2021 - The Commonwealth Cyber Security Posture Report in 2020 informs the Parliament of the status of the Commonwealth’s cybersecurity posture. Overall, the report found that Commonwealth entities continued to improve their cybersecurity in 2020. Ongoing effort is required to maintain the currency and effectiveness of cybersecurity measures.

Summary of Tactics, Techniques and Procedures Used to Target Australian Networks   Advisory

May 20, 2020 - This advisory provides information on methods to detect many of the TTPs listed. Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs.

APT40 Advisory   Advisory

Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Important Vulnerabilities in Microsoft’s June 2023 Security Update   Alert

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s June 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

Managing cryptographic keys and secrets   Publication

Aug 26, 2025 - This guide has been developed to help organisational personnel in understanding the threat environment and the value of implementing secure keys and secrets management to make better informed decisions.

For business and government  

Resources for business and government on cyber security.

Scammers impersonating police to target victims for cryptocurrency/seed wallet theft   Alert

Nov 13, 2025 - The ASD’s ACSC is aware that criminals are using Australia’s national cybercrime reporting channel and impersonating police to try to scam Australians out of funds from their cryptocurrency or seed wallets.

Small business hub  

Sep 30, 2025 - How to protect your small business from common cyber threats.

Update your devices  

Jan 25, 2023 - Updates are new, improved, or fixed versions of software. Regular updates are critical in maintaining a secure system. It's important to check for any updates and make sure that automatic updates are switched on. 

Foundations for modern defensible architecture   Publication

Oct 23, 2025 - The Foundations represent the first step to help organisations adopt a ‘modern defensible architecture’ approach, which will enable them to evolve alongside the threat landscape.

Technical example: Configure macro settings   Publication

Dec 16, 2022 - Configuring macro settings protects an organisation’s systems from malicious macros. Macros are powerful tools. They were introduced to improve productivity however their functionality can also be used by cyber criminals to compromise a user’s system.

Risk management of enterprise mobility (including Bring Your Own Device)   Publication

Oct 6, 2021 - This publication has been developed to provide senior business representatives with a list of enterprise mobility considerations. These include business cases, regulatory obligations and legislation, available budget and personnel resources, and risk tolerance. Additionally, risk management controls are provided for cybersecurity practitioners.

Cyber security for charities and not-for-profits   Guidance

Sep 30, 2025 - How to avoid common cyber threats and protect your mission .

Social media terms of use  

Jan 13, 2026 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

Implementing certificates, TLS, HTTPS and opportunistic TLS   Publication

Oct 6, 2021 - Transport Layer Security (TLS) is a widely used encryption protocol which enables parties to communicate securely over the internet. Through the use of certificates and Public Key Infrastructure (PKI), parties can identify each other through a trusted intermediary and establish encrypted tunnels for the secure transfer of information.

Cyber security priorities for boards of directors 2025-26   Publication

Oct 30, 2025 - This advice outlines questions boards can ask of management and their organisation to understand its cyber security posture in the current cyber threat environment.

LockBit 2.0 ransomware incidents in Australia   Alert

Aug 5, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase in reporting of LockBit 2.0 ransomware incidents in Australia.