You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 181 - 210 of 650 results.
Cancel COVID-19 cybercrime
Oct 18, 2022 - Cybercriminals are adapting their methods to take advantage of the COVID-19 pandemic. We continue to receive reports from individuals, businesses and government departments about a range of different COVID-19-themed scams, online fraud and phishing campaigns.
Domain Name System security for domain owners Publication
Oct 6, 2021 - This publication provides information on DNS security for domain owners. It also shared helpful strategies to reduce the risk of domain misuse.
The Commonwealth Cyber Security Posture in 2022 Reports and statistics
Dec 16, 2022 - The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cybersecurity measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).
Citrix Products NetScaler ADC and NetScaler Gateway Vulnerabilities Alert
Nov 29, 2023 - A malicious actor can exploit the vulnerability to execute code remotely without authentication. Organisations using Citrix products NetScaler ADC and NetScaler Gateway, possibly including Government and medium to large organisations. Ensure the latest release of NetScaler ADC and NetScaler Gateway have been installed.
APT40 Advisory Advisory
Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.
Health Sector Snapshot News
Feb 10, 2021 - This Sector Snapshot is designed to enhance awareness of key cyber security threats in the health sector and advise executives and cyber security professionals within the health sector on what they can do to protect their organisation from cyber threats. This report provides a high-level overview of the cyber security environment from 1 January to 31 December 2020.
Supply chain compromise of 3CX DesktopApp Alert
Mar 31, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a reported supply chain compromise affecting the 3CX DesktopApp, allowing malicious actors to conduct multi-stage attacks against users of the legitimate software. Australian users of affected versions of 3CX DesktopApp should immediately follow the vendor’s advice and investigate for signs of malicious activity.
Guidelines for software development Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on software development.
News
Nov 3, 2022 - Find the latest in cyber security news
Educational pack for small businesses Guidance
Jun 15, 2023 - This educational pack provides engaging content to help small business owners learn how to stay cyber secure. Includes practical activities for staff.
2020 Health Sector Snapshot Reports and statistics
Feb 22, 2021 - This Sector Snapshot is designed to enhance awareness of key cyber security threats in the health sector and advise executives and cyber security professionals within the health sector on what they can do to protect their organisation from cyber threats. This report provides a high-level overview of the cyber security environment within the health sector over a twelve month period (1 January to 31 December 2020).
#StopRansomware: BianLian Ransomware Group Advisory
Nov 21, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.
Gateway security guidance package: Executive guidance Publication
Jul 29, 2022 - The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.
Defending against the malicious use of the Tor network Publication
Oct 6, 2021 - The Tor network is a system that conceals a user’s IP address. It allows anonymous – and often malicious – communication. This guidance shares advice on how to detect and prevent traffic from the Tor network.
Gateway security guidance package: Gateway technology guides Publication
Jul 29, 2022 - This guidance is one part of a package of documents that forms the Gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the Gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.
Enhanced visibility and hardening guidance for communications infrastructure Advisory
Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.
2023-01: ASD's ACSC Ransomware Profile - Royal Advisory
Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.
View all content
Nov 3, 2022 -
Publications
Nov 3, 2022 - Find the latest cybersecurity publications.
Page not found
Jun 14, 2020 - Page not found for error 404
Preventing Web Application Access Control Abuse Advisory
Jul 28, 2023 - The Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.
Quishing Threat
Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.
Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era Publication
Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.
Managing the risks of legacy IT: Practitioner guidance Publication
Jun 12, 2024 - This publication provides guidance for practitioners on managing the risks posed by legacy IT and outlines low-cost mitigations that organisations can draw upon.
Avaddon Ransomware Alert
May 8, 2021 - Increase in Avaddon ransomware attacks in Australia.
2020-003: Mailto ransomware incidents Alert
Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.
Ransomware Playbook Guidance
Oct 10, 2024 - This interactive guide is here to assist you with taking all of the appropriate steps to prepare for, respond to and recover from a ransomware incident.
Advice, guidance and publications
Nov 3, 2022 - Find the latest cyber security advice, guidance and publications
Programs
Nov 3, 2022 - Find relevant cyber security programs
Detecting and mitigating Active Directory compromises Publication
Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.
