You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 391 - 420 of 596 results.
Email security
Jul 29, 2024 - Protect yourself, your employees and business from an email security incident before it's too late.
Recovering compromised bank accounts and online payment accounts Guidance
Nov 10, 2023 - Bank accounts are among the most important accounts to us and the most prized accounts to cybercriminals.
Questions to ask managed service providers Publication
Oct 6, 2021 - Asking the right questions to managed service providers can help organisations better understand the cybersecurity of their systems and the services they provide.
Foundations for modern defensible architecture Publication
Feb 10, 2025 - The Foundations represent the first step to help organisations adopt a ‘modern defensible architecture’ approach, which will enable them to evolve alongside the threat landscape.
Preparing for and responding to denial-of-service attacks Publication
Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.
Secure by Demand Publication
Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.
New guidance on detecting and mitigating Active Directory compromises News
Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.
Protecting industrial control systems Publication
Jul 1, 2018 - Industrial control systems are essential to our daily life. They control the water we drink, the electricity we rely on and the transport that moves us all. It is critical that cyberthreats to industrial control systems are understood and mitigated appropriately to ensure essential services continue to provide for everyone.
Exchange server critical vulnerabilities Alert
Apr 15, 2021 - On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling access to email accounts and to enable further compromise of the Exchange server and associated networks.
Do you purchase technology for your organisation? News
Dec 5, 2024 - Updated guidance and new guidance for executives now available for Choosing secure and verifiable technologies.
Vulnerability in Fortinet’s FortiManager Alert
Oct 24, 2024 - The ASD’s ACSC is aware of a vulnerability affecting all versions of Fortinet's FortiManager device that enables an unauthorised actor access to the FortiManager console (CVE-2024-47575). FortiManager devices provide centralised management of Fortinet devices from a single console.
Updates to ASD’s Blueprint for Secure Cloud News
Mar 18, 2025 - We have updated the Blueprint to reflect recent changes to Microsoft Purview.
About us
FortiOS & FortiProxy - Authentication bypass in Node.js websocket module vulnerability Alert
Jan 15, 2025 - Fortinet has released information regarding an identified vulnerability in FortiOS version 7.0 and FortiProxy versions 7.0 and 7.2 instances. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s notification.
Choosing secure and verifiable technologies: Executive guidance Publication
Dec 5, 2024 - This guide supports senior leaders to enable their organisations to understand their threat environment and make better-informed assessments and decisions to procure secure technologies.
Recovering a compromised online account Guidance
Nov 10, 2023 - Online accounts are important for our day-to-day activities and often store sensitive information about us. This can make them useful for cybercriminals looking to gain access to our resources or identities.
Critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance) Alert
Sep 20, 2024 - Ivanti has released a security advisory addressing a critical vulnerability affecting Ivanti CSA 4.6 (Cloud Services Appliance). The vulnerability affects Ivanti CSA 4.6 before Patch 519.
ASD's ACSC participation in Asia Pacific Computer Emergency Response Team (APCERT) Drill News
Aug 24, 2022 - The ASD's ACSC has joined international partners in the annual Asia Pacific Computer Emergency Response Team (APCERT) Drill.
Essential Eight Assessment Guidance Package News
Nov 23, 2022 - The Australian Signals Directorate has published updated guidance to help ensure consistent Essential Eight assessment across government and industry.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
New joint advisory on PRC botnet operations released News
Sep 19, 2024 - Protect your organisation and yourself from botnet operations.
Critical Vulnerability affecting Fortinet’s FortiClientEMS Alert
Mar 22, 2024 - ASD’s ACSC is aware of a critical vulnerability (CVE-2023-48788) affecting Fortinet’s FortiClientEMS. Organisations are strongly encouraged to take immediate action to ensure affected instances are patched and investigate for potential compromise.
Vulnerability in Progress Kemp products Alert
Feb 22, 2024 - ASD’s ACSC is aware of a vulnerability (CVE-2024-1212) that affects all Progress Kemp LoadMaster releases after 7.2.48.1. Organisations are strongly encouraged to take immediate action to patch relevant systems.
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability Advisory
Nov 29, 2023 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
Cloud computing security for executives Publication
Jan 18, 2024 - This publication is designed to provide executives from organisations looking to utilise cloud computing services an overview of the components that make up ‘cloud’ and help understand the security risks to be considered when using cloud computing.
Remote Code Execution Vulnerability In Cisco Unified Communications Products Alert
Jan 26, 2024 - ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253). Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.
Critical Infrastructure Uplift Program (CI-UP) Program page
Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.
2021 Trends Show Increased Globalized Threat of Ransomware Advisory
Feb 10, 2022 - This joint Cybersecurity Advisory—authored by cybersecurity authorities in the United States, Australia, and the United Kingdom—provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.
Microsoft Office Outlook Remote Code Execution Vulnerability Alert
Feb 18, 2024 - ASD’s ACSC is aware of a vulnerability in Microsoft Office Outlook (CVE-2024-21413). Users of Microsoft Office Outlook are strongly advised to follow the mitigation advice provided by Microsoft if they are vulnerable.
Remote Code Execution Vulnerability In Confluence Data Center and Confluence Server Alert
Jan 17, 2024 - ASD’s ACSC is aware of a vulnerability in Confluence Data Center and Confluence Server (CVE-2023-22527). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
