You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 331 - 360 of 607 results.
#StopRansomware: Play ransomware Advisory
Jun 5, 2025 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
2021-003: Ongoing campaign using Avaddon Ransomware Advisory
May 8, 2021 - The Australian Cyber Security Centre (ACSC) is aware of an ongoing ransomware campaign utilising the Avaddon Ransomware malware. This campaign is actively targeting Australian organisations in a variety of sectors. This advisory provides details of Avaddon threat actors, dark web activity, targeted countries and sectors, the malware infection chain, and known Techniques, Tools, and Procedures (TTPs). If activity is identified relating to this advisory please report any findings to the ACSC.
Fast Flux: A national security threat Advisory
Apr 4, 2025 - This advisory is for network defenders and explains how Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection. It highlights the importance of using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux.
Set up and perform regular backups
Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.
Resources library
Jun 18, 2025 - Resources for individuals, families and small businesses
Implementing SIEM and SOAR platforms: Executive guidance Publication
May 27, 2025 - This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR.
Mitigation strategies for edge devices: Executive guidance Publication
Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.
Ransomware Threat
Read through the following case studies and learn from other Australians about how ransomware has affected them.
Critical security vulnerability affecting Apache Struts2 below 6.4.0. Alert
Dec 13, 2024 - ASD’s ACSC is aware of a critical vulnerability impacting Apache Struts2 below 6.4.0 (CVE-2024-53677).
Australia joins US and UK to warn of 2021 Ransomware trends News
Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.
Critical security vulnerabilities affecting Mitel MiCollab version 9.8 SP1 FP2 (9.8.1.201) and earlier Alert
Dec 9, 2024 - ASD’s ACSC is aware of multiple critical vulnerabilities impacting Mitel MiCollab collaboration applications.
Phone and email scammers impersonating the ASD's ACSC Alert
Jan 19, 2022 - The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.
Quishing Threat
Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.
Log4j: What Boards and Directors Need to Know Advisory
Jan 7, 2022 - Log4j is a software library used as a building block found in a wide variety of Java applications. The Log4j vulnerability – otherwise known as Log4Shell – is trivial to exploit, and represents a significant business continuity risk. This publication outlines what Boards and Directors need to know in order to protect their businesses.
Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component Alert
Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.
Critical vulnerability present in certain versions of Microsoft Excel Alert
Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.
Potential Accellion File Transfer Appliance compromise Alert
Feb 25, 2021 - The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.
Exploitation of vulnerabilities affecting Cisco firewall platforms Alert
Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.
Recognise and report scams
Feb 1, 2023 - Scams are a common way that cybercriminals compromise accounts. Being alert to scam messages is a great way to protect yourself online.
Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released Alert
Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).
Securing customer personal data Guidance
Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.
Set secure passphrases
Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence.
2021-010: ASD's ACSC Ransomware Profile - Conti Advisory
Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.
An introduction to artificial intelligence Publication
Nov 24, 2023 - Artificial intelligence (AI) is an emerging technology that will play an increasingly influential role in the everyday life of Australians.
Potential SolarWinds Orion compromise Alert
Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.
2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) Advisory
Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.
If things go wrong Guidance
If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.
Malware targeting Centreon software Alert
Feb 16, 2021 - ANSSI identifies campaign targeting Centreon system monitoring software.
Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Alert
Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.
SonicWall Breach Alert
Feb 4, 2021 - SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.
