Skip to main content
Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Report

Contact us

Portal login

  • About us

    About us

    Learn about who we are and what we do.

    About us
    • About ASD's ACSC
      • Who we are
      • Alerts and advisories
      • News
      • Reports and statistics
      • Contact us
  • Learn the basics

    Learn the basics

    Interactive tools and advice to boost your online safety.

    Learn cyber security Sign up for alerts
    • Explore the basics
      • Recognise and report scams
      • Set secure passphrases
      • Set up and perform regular backups
      • Turn on multi-factor authentication
      • Update your devices
      • Watch out for threats
      • Small business
      • Seniors
    • View resources
      • Glossary
      • Quiz library
      • Resources library
      • Translated Information
  • Protect yourself

    Protect yourself

    Advice and information about how to protect yourself online.

    Protect yourself Easy steps to secure yourself online Cyber health check tool Sign up for alerts
    • Securing your accounts
      • Multi-factor authentication
      • Passphrases
      • Passkeys
    • Securing your devices
      • How to secure your devices
      • How to back up your files and devices
      • How to update your device and software
    • Securing your email
      • Email security
    • Staying secure online
      • Connecting with others online
      • Protect yourself from scams
      • Online shopping
      • Connecting to public Wi-Fi and hotspots
      • Secure your Wi-Fi and router
      • Cyber security for charities and not-for-profits
    • Resources to protect yourself
      • Protecting your family
      • Personal cyber security guides
  • Threats

    Threats

    Common online security risks and advice on what you can do to protect yourself.

    Threats Report a cybercrime Sign up for alerts
    • Types of threats
      • Account compromise
      • Business email compromise
      • Cryptomining
      • Data breaches
      • Hacking
      • Identity theft
      • Information stealer
    • <notitle>
      • Malicious insiders
      • Malware
      • Phishing
      • Quishing
      • Ransomware
      • Scams
      • Social engineering
  • Report and recover

    Report and recover

    Respond to cyber threats and take steps to protect yourself from further harm.

    Report and recover Make a report Sign up for alerts
    • Report
      • Report a cybercrime, incident or vulnerability
      • Cybercrime - getting help
      • Single Reporting Portal
    • How we help during a cyber security incident
      • ASD’s role in cyber security: For legal practitioners
      • Supporting Australian organisations through a cyber security incident
      • Limited Use
    • Recover from
      • Account compromise
      • Business email compromise
      • Data breaches
      • Hacking
      • Identity theft
      • Malware
      • Ransomware
      • Scams
  • For business and government

    For business and government

    Resources for business and government agencies on cyber security.

    For business and government Become an ASD partner Cyber Security Awareness Month 2025 Critical infrastructure All publications Alerts and advisories Exercise in a Box
    • ASD's cyber security frameworks
      • Information security manual
      • Blueprint for Secure Cloud
      • Essential Eight
      • Gateway security guidance package
      • Mitigating cyber security incidents
      • Modern defensible architecture
      • Principles of operational technology cyber security
    • Secure design
      • Artificial intelligence
      • Operational technology environments
      • Planning for post-quantum cryptography
      • Secure by Design
    • Protecting devices and systems
      • Assessment and evaluation programs
      • Cloud computing
      • Hardening systems and applications
      • Legacy IT management
      • Remote working and secure mobility
      • Securing edge devices
      • System administration
    • Detecting and responding to threats
      • Cyber security incident response
      • Detecting and mitigating Active Directory compromises
      • Event logging
      • Vulnerability planning
    • Small business cyber security
      • Small business hub
      • Protecting your staff
      • Securing customer personal data
    • Supplier cyber risk management
      • Managed service providers
      • Managing cyber supply chains
    • Protecting business leaders
      • Cyber security for business leaders
      • Questions for the board of directors to ask about cyber security
      • Security tips for social media and messaging apps
  • Contact us
  • Report a cybercrime or cyber security incident
  • Portal login
Australian Cyber
Security Hotline
1300 CYBER1 (1300 292 371)

Search

Filter results by

Content type

  • Advice and guidance
  • Alerts and advisories
  • News and media releases
  • Programs
  • Publications
  • Reports and statistics
  • Threats

Audience

  • Individuals & families
  • Small & medium businesses
  • Organisations & Critical Infrastructure
  • Government

Recommended pages

Recognise and report scams
Information security manual
Mitigating cyber security incidents

Search results

Displaying search results for
Displaying 361 - 390 of 667 results.

Applied filters
Clear all filters

/learn-basics/explore-basics/passphrases

Set secure passphrases  

Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence. 

/threats/types-threats/ransomware

Ransomware   Threat

Read through the following case studies and learn from other Australians about how ransomware has affected them.

Individuals & families
Small & medium businesses
/business-government/small-business-cyber-security/securing-customer-personal-data

Securing customer personal data   Guidance

Jul 23, 2025 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/business-government/asds-cyber-security-frameworks/gateway-security-guidance-package/gateway-security-principles

Gateway security guidance package: Gateway security principles   Publication

Jul 29, 2025 - Guidance written for audiences responsible for the procurement, operation and management of gateways.

Government
/about-us/news/australia-joins-us-and-uk-warn-2021-ransomware-trends

Australia joins US and UK to warn of 2021 Ransomware trends   News

Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/fast-flux-national-security-threat

Fast Flux: A national security threat   Advisory

Apr 4, 2025 - This advisory is for network defenders and explains how Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection. It highlights the importance of using a reputable Protective DNS (PDNS) provider that detects and blocks fast flux.

Organisations & Critical Infrastructure
Government
/business-government/protecting-devices-systems/hardening-systems-applications/network-hardening/securing-edge-devices/mitigation-strategies-for-edge-devices-executive-guidance

Mitigation strategies for edge devices: Executive guidance   Publication

Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

Organisations & Critical Infrastructure
Government
/threats/types-threats/malware/information-stealer-malware

Information stealer malware   Guidance

Jul 15, 2025 - Information stealer malware is a type of malware designed to steal sensitive data from devices. This can include user credentials, browser data and more.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/business-government/protecting-devices-systems/legacy-it-management/end-of-support-for-microsoft-windows-and-microsoft-windows-server

End of support for Microsoft Windows and Microsoft Windows server   Publication

Sep 4, 2025 - Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/phone-and-email-scammers-impersonating-asdacsc

Phone and email scammers impersonating the ASD's ACSC   Alert

Jan 19, 2022 - The Australian government will NEVER phone you to request access to your computer, or request you to purchase cryptocurrencies or gift cards. If you receive a suspicious phone call, take the caller's details, hang up and contact the company they claim to represent via official communication channels listed on their website. Never call a number provided by the scammer.

Individuals & families
/about-us/view-all-content/alerts-and-advisories/critical-security-vulnerability-affecting-apache-struts2-below-6-4-0

Critical security vulnerability affecting Apache Struts2 below 6.4.0.   Alert

Dec 13, 2024 - ASD’s ACSC is aware of a critical vulnerability impacting Apache Struts2 below 6.4.0 (CVE-2024-53677).

Small & medium businesses
Organisations & Critical Infrastructure
Government
/threats/types-threats/quishing

Quishing   Threat

Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/business-government/detecting-responding-to-threats/cyber-security-incident-response/preparing-for-and-responding-to-denial-of-service-attacks

Preparing for and responding to denial-of-service attacks   Publication

Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/critical-security-vulnerabilities-affecting-mitel-micollab-version-98-sp1-fp2-981201-and-earlier-versions

Critical security vulnerabilities affecting Mitel MiCollab version 9.8 SP1 FP2 (9.8.1.201) and earlier   Alert

Dec 9, 2024 - ASD’s ACSC is aware of multiple critical vulnerabilities impacting Mitel MiCollab collaboration applications.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/log4j-what-boards-and-directors-need-know

Log4j: What Boards and Directors Need to Know   Advisory

Jan 7, 2022 - Log4j is a software library used as a building block found in a wide variety of Java applications. The Log4j vulnerability – otherwise known as Log4Shell – is trivial to exploit, and represents a significant business continuity risk. This publication outlines what Boards and Directors need to know in order to protect their businesses.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/business-government/secure-design/operational-technology-environments/introduction-to-securing-smart-places

An introduction to securing smart places   Publication

Nov 21, 2022 - Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/remote-code-execution-vulnerability-present-fortinet-devices

Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component   Alert

Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.

Organisations & Critical Infrastructure
Government
/about-us/alerts/critical-vulnerability-present-certain-versions-microsoft-excel

Critical vulnerability present in certain versions of Microsoft Excel   Alert

Nov 11, 2021 - Microsoft has identified active exploitation of a vulnerability in Microsoft Excel. Affected Australian organisations should apply the available security update as soon as possible.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/potential-accellion-file-transfer-appliance-compromise

Potential Accellion File Transfer Appliance compromise   Alert

Feb 25, 2021 - The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.

Organisations & Critical Infrastructure
/business-government/asds-cyber-security-frameworks/ism/cybersecurity-guidelines/guidelines-for-procurement-and-outsourcing

Guidelines for procurement and outsourcing   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on procurement and outsourcing activities.

Organisations & Critical Infrastructure
Government
/business-government/secure-design/artificial-intelligence/an-introduction-to-artificial-intelligence

An introduction to artificial intelligence   Publication

Nov 24, 2023 - Artificial intelligence (AI) is an emerging technology that will play an increasingly influential role in the everyday life of Australians.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/barracuda-email-security-gateway-esg-malicious-activity-additional-indicators-compromise-released

Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released   Alert

Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/exploitation-vulnerabilities-affecting-cisco-firewall-platforms

Exploitation of vulnerabilities affecting Cisco firewall platforms   Alert

Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.

Organisations & Critical Infrastructure
Government
/business-government/asds-cyber-security-frameworks/gateway-security-guidance-package/gateway-operations-management

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Government
/about-us/advisories/2021-010-asdacsc-ransomware-profile-conti

2021-010: ASD's ACSC Ransomware Profile - Conti   Advisory

Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/alerts/potential-solarwinds-orion-compromise

Potential SolarWinds Orion compromise   Alert

Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/report-and-recover/recover-from/ransomware

Report and recover from ransomware   Guidance

Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.

Individuals & families
Small & medium businesses
/protect-yourself/staying-secure-online/shopping-and-banking-online/online-shopping/if-things-go-wrong

If things go wrong   Guidance

If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.

Individuals & families
/business-government/asds-cyber-security-frameworks/ism/cybersecurity-guidelines/guidelines-for-gateways

Guidelines for gateways   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on gateways.

Organisations & Critical Infrastructure
Government
/about-us/advisories/2022-004-asdacsc-ransomware-profile-alphv-aka-blackcat

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

Small & medium businesses
Organisations & Critical Infrastructure
Government

Pagination

  • First page « First
  • Previous page ‹‹
  • …
  • Page 9
  • Page 10
  • Page 11
  • Page 12
  • Current page 13
  • Page 14
  • Page 15
  • Page 16
  • Page 17
  • …
  • Next page ››
  • Last page Last »
Report a cyber security incident for critical infrastructure
Get alerts on new threats Alert Service
Become an ASD Partner
Report a cybercrime or cyber security incident
Acknowledgement of Country Circle
Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities.
We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371)
  • Contact us
  • Glossary
  • View all content
  • Copyright
  • Privacy
  • Accessibility
  • Disclaimer
  • Careers
  • Social media terms of use

Popular pages

  • Essential Eight
  • Alerts and advisories
  • Information Security Manual
Authorised by the Australian Government, Canberra