You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 181 - 210 of 664 results.
Sign up for alerts
Nov 14, 2024 - Sign up for alerts on the latest threats and vulnerabilities.
People’s Republic of China (PRC) State-Sponsored Cyber Actor Living Off the Land to Evade Detection Alert
May 25, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC), in conjunction with the United States (US) National Security Agency (NSA) its international partners, has released a Cybersecurity Advisory regarding a PRC state-sponsored cyber actor conducting activity impacting US critical infrastructure (CI) sectors. Because of the potential risk to CI sectors outside the US, all organisations are encouraged to review the published Advisory and report any malicious activity to the ASD's ACSC.
Gateway security guidance package: Executive guidance Publication
Jul 29, 2022 - The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.
Multiple vulnerabilities present in the Spring Framework for Java Alert
Apr 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.
Advisory 2020-009: Recommendations to mitigate APT actors targeting health sector and COVID-19 essential services Advisory
May 8, 2020 - The ACSC recommends that organisations in the health sector implement the following cyber security mitigations:
The Commonwealth Cyber Security Posture in 2023 Reports and statistics
Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.
Ten things to know about data security Publication
May 16, 2024 - This publication has been developed to assist business owners and information technology managers, particularly those unfamiliar with cybersecurity, with ten things they should know about data security.
National cyber security exercises for Australia’s electricity industry News
Apr 30, 2020 - In November 2019, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) coordinated a national cyber security exercise series in partnership with Australia’s electricity industry and government agencies.
Small Business Google Chromebook and ChromeOS Security Guide Guidance
Nov 12, 2024 - This publication was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) with technical input from Chrome Engineering.
Personal cybersecurity: First steps guide Guidance
Apr 14, 2023 - The first of three cybersecurity guides in the personal cybersecurity series is designed to help everyday Australians understand a basic level of cybersecurity and how to take action to protect themselves from cyberthreats.
Choosing secure and verifiable technologies Publication
Dec 5, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.
Mitigation strategies for edge devices: Executive guidance Publication
Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.
Domain Name System security for domain resolvers Publication
Oct 6, 2021 - This publication explores DNS security for recursive resolution servers. It also shares helpful strategies to reduce the risk of DNS resolver subversion or compromise.
Meltdown and Spectre patches unsuitable for some security products Advisory
Jan 11, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of reporting that a variety of security products (e.g. antivirus solutions) are incompatible with Microsoft's patches for the Meltdown and Spectre vulnerabilities.
Joint cybersecurity advisory released on 2021's top routinely exploited vulnerabilities News
Apr 28, 2022 - Malicious cyber actors are aggressively targeting newly-disclosed and dated critical software vulnerabilities against a broad range of targets, including public and private sector organisations worldwide.
Cybersecurity incident response planning: Executive guidance Publication
Dec 12, 2024 - The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyberthreats targeting Australian interests. Reporting cybersecurity incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.
How to manage your security when engaging a Managed Service Provider Publication
Oct 6, 2021 - Understand the actions organisations can take to manage the security risks posed by engaging and authorising network access for managed service providers.
Managed service providers: How to manage risk to customer networks Publication
Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.
Important Vulnerabilities in Microsoft’s June 2023 Security Update Alert
Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s June 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.
Social media terms of use
May 7, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube.
Vulnerability Disclosure Program News
Nov 23, 2022 - New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.
Critical Infrastructure
Jul 22, 2024 - Technical advice and non-regulatory guidance for critical infrastructure.
Who we are
Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.
Cancel COVID-19 cybercrime
Oct 18, 2022 - Cybercriminals are adapting their methods to take advantage of the COVID-19 pandemic. We continue to receive reports from individuals, businesses and government departments about a range of different COVID-19-themed scams, online fraud and phishing campaigns.
2020-001-4: Remediation for critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Advisory
Jan 13, 2020 - On 19 January 2020, Citrix released patches for two versions of the Citrix Application Delivery Controller (ADC) and Citrix Gateway appliances. Citrix expects to have patches available across all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP before the end of January 2020.
Quiz library Guidance
Test your knowledge about cybersecurity practices and threats through our quizzes.
Principles of operational technology cybersecurity Publication
Oct 2, 2024 - Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cybersecurity and safety of their OT.
Guidelines for cybersecurity roles Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity roles.
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection Advisory
May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.
APT exploitation of Fortinet Vulnerabilities Alert
Apr 3, 2021 - Advanced Persistent Threat (APT) actors targeting historic Fortinet vulnerabilities.
