Search

Report and recover from ransomware   Guidance

Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.

2021-009: Malicious actors deploying Gootkit Loader on Australian Networks   Advisory

Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.

Active exploitation of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway   Alert

Jan 13, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.

Advice for Malicious Cyber Activity by Iran   News

Sep 15, 2022 - Australian organisations are urged to be alert to continued malicious cyber activity conducted by Advanced Persistent Threat (APT) actors, assessed to be affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).

Using the information security manual   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.

Security tips for social media and messaging apps   Publication

Jul 14, 2022 - It's a great way to stay in touch and share content online. This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.

New guidance on detecting and mitigating Active Directory compromises   News

Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.

Secure by Demand   Publication

Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.

Copy-paste compromises   Alert

Sep 16, 2020 - The Australian Government is aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of tools copied almost identically from open source.

Critical vulnerability present in certain versions of Microsoft Excel   Alert

Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.

Social engineering   Threat

May 29, 2025 - Social engineering is a significant threat to individuals and organisations, enabling malicious actors to compromise accounts, devices, systems or sensitive information.

Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices   Alert

Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.

Multiple vulnerabilities present in the Spring Framework for Java   Alert

Apr 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.

Multiple vulnerabilities present in VMware products   Alert

Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.

Ransomware   Threat

Read through the following case studies and learn from other Australians about how ransomware has affected them.

Security tips for online gaming   Guidance

Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.

Fundamentals of Cross Domain Solutions   Publication

Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

How to secure your devices  

Nov 29, 2024 - Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.

Report a cyber security incident   Service

If you are reporting fraud or cybercrime, please refer to the ReportCyber – Cybercrime page.

Secure your website   Guidance

Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.

New guidance for software and service manufacturers deploying system updates   News

Oct 25, 2024 - Implementing a safe software deployment program is vital for maintaining customer trust.

Iranian-based cyber actors compromising critical infrastructure networks   News

Oct 17, 2024 - Iran-based cyber actors are using brute force attacks such as password spraying to compromise critical infrastructure networks.

Australia is fighting back against ransomware   News

Jun 15, 2021 - Australians continue to be targeted by cybercriminals through ransomware campaigns impacting multiple sectors across our economy.

Marketing and filtering email service providers   Publication

Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.

Who we are  

Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

Practical cyber security tips for business leaders   Publication

Jan 17, 2024 - Business leaders can be appealing targets for malicious actors due to the sensitive information they can access, the important people they interact with and the influence they hold. This publication includes a checklist of practical tips business leaders can implement to improve their cybersecurity. The checklist is followed by a brief explanation of each tip and why it is recommended.

New advisory – PRC state-sponsored actors compromise networks worldwide to feed global espionage system   News

Aug 28, 2025 - Don’t feed their global espionage systems – read the full advisory for vital insights on threat hunting, indicators of compromise, and mitigation strategies to help your organisation safeguard your networks and assets.

Phone and email scammers impersonating the ASD's ACSC   Alert

Jan 19, 2022 - The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.

Report  

Apr 11, 2023 - Report a cybercrime, incident or vulnerability.