You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 271 - 300 of 650 results.
Report and recover from ransomware Guidance
Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.
New guidance on detecting and mitigating Active Directory compromises News
Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.
Geo-blocking in context: Realities, risks and recommendations Publication
May 19, 2025 - This guidance is intended for decision makers and cybersecurity practitioners. It highlights what to be aware of when identifying the source of a threat and the potential implications of geo-blocking in a broader cybersecurity strategy.
How to secure your devices
Nov 29, 2024 - Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.
Active exploitation of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Alert
Jan 13, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.
Security tips for online gaming Guidance
Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.
2021-009: Malicious actors deploying Gootkit Loader on Australian Networks Advisory
Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.
Australia joins US and UK to warn of 2021 Ransomware trends News
Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.
System hardening
Dec 2, 2020 - This page lists publications on the hardening of applications and IT equipment.
Who we are
Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.
Critical vulnerability present in certain versions of Microsoft Excel Alert
Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.
Secure your website Guidance
Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
New guidance for software and service manufacturers deploying system updates News
Oct 25, 2024 - Implementing a safe software deployment program is vital for maintaining customer trust.
Iranian-based cyber actors compromising critical infrastructure networks News
Oct 17, 2024 - Iran-based cyber actors are using brute force attacks such as password spraying to compromise critical infrastructure networks.
Fundamentals of Cross Domain Solutions Publication
Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.
Copy-paste compromises Alert
Sep 16, 2020 - The Australian Government is aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of tools copied almost identically from open source.
Critical severity vulnerability in Fortinet Fortigate SSL-VPN devices Alert
Jun 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a critical pre-authentication remote code execution vulnerability in Fortinet Fortigate SSL VPN devices. Australian organisations should patch their products and apply any recommended mitigations.
Multiple vulnerabilities present in the Spring Framework for Java Alert
Apr 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.
Using the Information security manual Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Ransomware Threat
Read through the following case studies and learn from other Australians about how ransomware has affected them.
Report
Apr 11, 2023 - Report a cybercrime, incident or vulnerability.
Guidelines for networking Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on networking.
Marketing and filtering email service providers Publication
Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.
Report a cyber security incident Service
If you are reporting fraud or cybercrime, please refer to the ReportCyber – Cybercrime page.
Secure administration Publication
Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.
Practical cybersecurity tips for business leaders Publication
Jan 17, 2024 - Business leaders can be appealing targets for malicious actors due to the sensitive information they can access, the important people they interact with and the influence they hold. This publication includes a checklist of practical tips business leaders can implement to improve their cybersecurity. The checklist is followed by a brief explanation of each tip and why it is recommended.
Report and recover from hacking Guidance
Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.
Single Reporting Portal Guidance
Nov 22, 2023 - To help you meet your reporting responsibilities, the Australian Government has brought together a list of Commonwealth legislative reporting requirements that could be triggered by a cybersecurity incident.
Phone and email scammers impersonating the ASD's ACSC Alert
Jan 19, 2022 - The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.
