You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 121 - 150 of 393 results.
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations Advisory
Sep 19, 2024 - Cyber actors may have used botnet to compromise thousands of Internet-connected devices.
Vulnerability disclosure programs explained Publication
Dec 12, 2024 - A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.
Exploitation of existing Fortinet Vulnerabilities Alert
Apr 11, 2025 - Fortinet has released information regarding exploitation of previously known vulnerabilities affecting Fortinet devices. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s advisory page.
Critical vulnerabilities in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) Alert
Feb 1, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ivanti Connect Secure (ICS), formerly known as Pulse Connect Secure, and Ivanti Policy Secure (IPS) gateways. The vulnerabilities affect all supported versions and configurations of the products. Customers should apply the mitigations made available by Ivanti and implement patches as they become available.
How to secure your devices
Nov 29, 2024 - Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.
Guidelines for secure AI system development Publication
Nov 27, 2023 - This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. This document is aimed primarily at providers of AI systems who are using models hosted by an organisation, or are using external application programming interfaces (APIs).
Learn the basics
Aug 30, 2023 - Interactive tools and advice to boost your cybersecurity when online.
Small business cybersecurity
Jul 18, 2023 - How to protect your small business from common cyberthreats.
Report
Apr 11, 2023 - Report a cybercrime, incident or vulnerability.
Security considerations for edge devices Publication
Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.
Are you protected against ‘fast flux’? News
Apr 4, 2025 - Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.
Security configuration guide: Apple iOS 14 devices Publication
Oct 6, 2021 - ASD has developed this guide to assist Australians to understand risks when deploying iOS 14 devices and the security requirements that need to be met to allow them to handle classified data.
Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457) Alert
Apr 4, 2025 - Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457). ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.
Archived reports and statistics
Feb 13, 2025 - Search archived report and statistics
Guidelines for system management Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on system management.
Guidelines for communications infrastructure Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications infrastructure.
The Commonwealth Cyber Security Posture in 2024 Reports and statistics
Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2023–24 financial year.
Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era Publication
Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.
Identifying and Mitigating Living Off the Land Techniques Advisory
Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.
Cyber Security Awareness Month 2024
Sep 30, 2024 - October is Cyber Security Awareness Month and an annual reminder for all Australians to stay secure online.
2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0 Advisory
Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.
Mitigation strategies for edge devices: Executive guidance Publication
Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.
Enhanced visibility and hardening guidance for communications infrastructure Advisory
Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.
Head ACSC Address to AISA Cyber Conference 2021 News
Mar 17, 2021 - The Future of Cyber Security in Australia’ – Address by Abigail Bradshaw CSC, on 15 March 2021 Canberra Convention Centre.
Ransomware Playbook Guidance
Oct 10, 2024 - This interactive guide is here to assist you with taking all of the appropriate steps to prepare for, respond to and recover from a ransomware incident.
2023-01: ASD's ACSC Ransomware Profile - Royal Advisory
Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.
Small Business Google Chromebook and ChromeOS Security Guide Guidance
Nov 12, 2024 - This publication was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) with technical input from Chrome Engineering.
Fundamentals of Cross Domain Solutions Publication
Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.
2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0 Advisory
Aug 5, 2021 - The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.
Patching applications and operating systems Publication
Nov 27, 2023 - Applying patches to applications and operating systems is critical to keeping systems secure. Patching forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents.
