Search

2020 Health Sector Snapshot   Reports and statistics

Feb 22, 2021 - This Sector Snapshot is designed to enhance awareness of key cyber security threats in the health sector and advise executives and cyber security professionals within the health sector on what they can do to protect their organisation from cyber threats. This report provides a high-level overview of the cyber security environment within the health sector over a twelve month period (1 January to 31 December 2020).

Multiple vulnerabilities affecting Cisco ASA 5500-X Series devices   Alert

Sep 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of multiple vulnerabilities impacting Cisco Secure Firewall Adaptive Security Appliance (ASA) 5500-X Series models that are running Cisco ASA Software or Cisco Secure Firewall Threat Defense (FTD) Software.

Cisco reports active exploitation of these vulnerabilities globally. ASD’s ACSC has also observed targeting in Australia.

People’s Republic of China (PRC) State-Sponsored Cyber Actor Living Off the Land to Evade Detection   Alert

May 25, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC), in conjunction with the United States (US) National Security Agency (NSA) its international partners, has released a Cybersecurity Advisory regarding a PRC state-sponsored cyber actor conducting activity impacting US critical infrastructure (CI) sectors. Because of the potential risk to CI sectors outside the US, all organisations are encouraged to review the published Advisory and report any malicious activity to the ASD's ACSC.

Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity   Advisory

Sep 2, 2020 - The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.

The Commonwealth Cyber Security Posture in 2025   Reports and statistics

Feb 12, 2026 - The Commonwealth Cyber Security Posture in 2025 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2024–25 financial year.

Types of scams   Guidance

Learn about the common types of scams, how to identify them and how to recover from them.

Set up and perform regular backups  

Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.

Exercise in a Box  

Nov 17, 2022 - This service provides an all-in-one platform that organisations can use to assess and improve their cybersecurity practices, in a controlled environment, and as many times as they want.

Scattered Spider   Advisory

Jul 30, 2025 - This joint Cybersecurity Advisory is in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors, subsectors, and other sectors. This advisory provides tactics, techniques, and procedures (TTPs) obtained through FBI investigations as recently as June 2025

Head ACSC Address to AISA Cyber Conference 2021   News

Mar 17, 2021 - The Future of Cyber Security in Australia’ – Address by Abigail Bradshaw CSC, on 15 March 2021 Canberra Convention Centre.

Email security  

Jul 29, 2024 - Protect yourself, your employees and business from an email security incident before it's too late.

Social media terms of use  

Jan 13, 2026 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

ForgeRock Open AM critical vulnerability   Alert

Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.

Artificial intelligence for small business   Publication

Jan 14, 2026 - This guide explains the key cyber security risks of adopting AI technologies and how to reduce while adopting. While traditional threats such as phishing, ransomware and insider threats are still relevant, this guide focuses on other risks that AI introduces.

Guidelines for cyber security incidents   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cyber security incidents.

Seniors  

Jun 23, 2023 - This guide provides some simple steps and resources to protect your personal information, accounts and life savings when going online.

Supporting Australian organisations through a cyber security incident   Guidance

Oct 23, 2025 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cyber security incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek technical incident response advice and assistance.

Guidelines for cyber security roles   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cyber security roles.

Guidelines for personnel security   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on personnel security.

Bulletproof defense: mitigating risks from bulletproof hosting providers   Publication

Nov 20, 2025 - This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers.