You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 481 - 510 of 664 results.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
Business Continuity in a Box Guidance
Aug 21, 2024 - Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cybersecurity incident that has affected the availability or trust of existing systems.
Update your devices to keep cybercriminals out News
May 3, 2021 - Updating the software on electronic devices is one of the easiest and most important ways all Australians can defend against cybercriminals and be protected from online threats.
Gateway security guidance package: Overview Publication
Jul 29, 2022 - This page provides an overview of ASD’s Gateway security guidance package.
Critical vulnerabilities in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways Alert
Jan 9, 2025 - Ivanti has identified critical vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways. Customers should update to available patched versions immediately and monitor Ivanti’s Security Advisory for further advice.
How to become an IRAP Assessor Program page
Aug 15, 2024 - IRAP Assessors are ASD-endorsed ICT professionals from across Australia who have the necessary experience and qualifications in ICT security assessment and risk management, and a detailed knowledge of ASD's Information Security Manual.
Data breaches Threat
Aug 30, 2023 - Sometimes personal information is released to unauthorised people by accident or as the result of a security breach. For example, an email with personal information can be sent to the wrong person, or a computer system can be hacked and personal information stolen. These are known as data breaches or data spills.
Kaseya VSA Supply-Chain Ransomware Attack Alert
Jul 12, 2021 - Patch now available for Kaseya VSA platform.
Security tips for remote working Guidance
Jul 29, 2024 - As an employee, you may be more at risk when working away from the office. Learn how to stay secure while working from home or remotely.
Critical remote code execution vulnerability found in the Log4j library Alert
Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.
Antivirus software Guidance
Apr 11, 2023 - The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.
Traffic Light Protocol (TLP) Hidden
The Traffic Light Protocol is a set of Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) designations used to ensure that information is shared with the correct audience.
Information Security Registered Assessor Program (IRAP) News
Dec 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is further enhancing cyber security assessment and training, improving cyber skills, and creating new cyber careers for Australians through the Information Security Registered Assessor Program (IRAP).
Guidelines for evaluated products Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on evaluated products.
Seeking industry feedback on new ASD Foundations for Secure-by-Design News
Nov 2, 2023 - Have your say on how Secure-by-Design practices should look.
Cisco IOS XE Software Web UI Zero Day Vulnerability Alert
Oct 25, 2023 - A previously unknown vulnerability (CVE-2023-20198) in the web UI feature of Cisco IOS XE Software could allow a malicious actor to take control of vulnerable devices. All Australian organisations should follow the recommendations published by Cisco.
Sextortion email campaign impacting Australians Alert
Apr 16, 2020 - A large number of Australians are being impacted by an email ‘sextortion’ campaign in which the cyber scammers responsible have threatened to release personal and sensitive information to the recipients’ contacts unless the scammer is paid in cash or bitcoin.
Property-related business email compromise scams rising in Australia Alert
Aug 30, 2021 - Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods.
The Silent Heist: Cybercriminals use information stealer malware to compromise corporate networks News
Sep 2, 2024 - New advisory released on information stealer malware used in cybercrime attacks.
Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes Alert
Mar 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes. Customers should update to the latest patched version immediately.
Sextortion campaign - What to do if you receive the email Advisory
Apr 16, 2020 - In most cases, there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of intimidating recipients into paying the ransom.
Joint statement - attribution to Russia for malicious cyber activity against European networks News
May 11, 2022 - Australia and international partners shine a light on Russia’s ongoing unacceptable activity in cyberspace.
New cyber security advice for families News
May 2, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has released new guidance to help you protect your family online.
Microsoft introduces Exchange Emergency Mitigation service News
Oct 1, 2021 - Microsoft has launched a new optional protection for Microsoft Exchange servers.
End of support Guidance
Jul 29, 2024 - ‘End of support’ is when software is no longer support by the product developer that makes it. It will no longer receive security updates, general software updates or technical support.
Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors Alert
Sep 24, 2021 - A vulnerability exists in certain versions of ManageEngine ADSelfService Plus. A cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian organisations should apply the available security update.
Cybercriminals targeting construction companies to conduct email scams Alert
Jul 6, 2021 - Cybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.
IRAP resources Program page
Feb 5, 2025 - IRAP resources
Malware Threat
Nov 10, 2023 - Malware (short for 'malicious software') is software that cybercriminals use to harm your computer system or network. Cybercriminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks.
Cyber security is essential when preparing for COVID-19 Advisory
Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.
