Search

Safe software deployment: How software manufacturers can ensure reliability for customers   Publication

Oct 25, 2024 - It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.

Staying secure online during back-to-school shopping   News

Jan 19, 2021 - Parents are being urged to be vigilant while shopping online for school essentials this month, with back-to-school shopping opening up opportunities for cybercriminals to strike.

Essential Eight assessment process guide   Publication

Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.

Online shoppers the target of Christmas cyber grinches   News

Nov 3, 2021 - In the lead-up to Black Friday and festive season sales, Australians must be alert to the cybercriminals seeking to steal your Christmas joy and your money.

Malicious insiders   Threat

Jun 23, 2020 - Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems. It does not include well-meaning staff who accidentally put your cyber security at risk or spill data.

Multiple Vulnerabilities in VMware vRealize Hyperic monitoring and performance management product   Alert

Nov 8, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has identified a number of critical vulnerabilities affecting VMware’s vRealize Hyperic monitoring and performance management product.

Are you protected against ‘fast flux’?   News

Apr 4, 2025 - Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.

Privacy Awareness Week 2023   News

Apr 28, 2023 - The Australian Cyber Security Centre (ACSC) is supporting with the Office of the Australian Information Commissioner (OAIC) to support Privacy Awareness Week.

Why it’s time to ditch your one password for passphrases   News

Apr 28, 2023 - Your accounts are only as strong as the tools keeping them secure. One of the most effective ways of protecting your personal information and accounts is to use a strong passphrase.

Act now to defend against vicious cybercriminals   News

Jul 20, 2021 - Cybercriminals are targeting Australians at an unprecedented level to steal sensitive information and money, including through business email compromise and ransomware attacks.

Ongoing targeting of online code repositories   Alert

Sep 19, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of increased targeting of online code repositories, with threat actors employing various tactics to scan for and extract secrets, access private code bases, and modify packages to infect users.

The ASD’s ACSC does not have information to indicate that a specific industry or sector is being targeted, with this advisory providing general awareness of an observed increase in activity.

Cyber security principles   Advice

Dec 4, 2025 - Follow the Information security manual (ISM)'s cyber security principles to protect information technology and operational technology systems, applications and data from cyber threats.

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities   Advisory

Dec 23, 2021 - Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities.

Engaging with artificial intelligence   Publication

Jan 24, 2024 - The purpose of this paper is to provide organisations with guidance on how to use artificial intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cybersecurity mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.

Glossary  

List of glossary terms used on cyber.gov.au website

Planning for critical vulnerabilities: What the board of directors needs to know   Publication

Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.

Secure your user account   Guidance

Jan 24, 2024 - A user account is the account you use to sign in on your computer at home, school or work. Cybercriminals will target unsecure accounts and take advantage of poor security habits within the home and businesses. Their goal is to get access to your computer and steal your information. There are many ways to improve your account security, keep your accounts safe and avoid being the victim of a cyberattack.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection   Advisory

May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.

Secure your Apple macOS device   Guidance

Nov 29, 2024 - Your Apple macOS device often holds your most important data. Use these simple steps to protect your device from cyberattacks.

Don’t take BADCANDY from strangers – How your devices could be implanted and what to do about it   Advisory

Oct 31, 2025 - ASD recommends that system operators take the following actions to remove the BADCANDY implant if compromised and to mitigate the risk of re-exploitation.