Search

Malware   Threat

Nov 10, 2023 - Malware (short for 'malicious software') is software that cybercriminals use to harm your computer system or network. Cybercriminals can use malware to gain access to your computer without you knowing, in targeted or broad-based attacks.

Security tips for online gaming   Guidance

Mar 1, 2024 - The world of online gaming is a popular target for scammers and cybercriminals. Gaming accounts can provide access to game licenses and linked payment methods making them highly valuable.

Secure your mobile phone   Guidance

Nov 12, 2024 - The security of your mobile phone can be as crucial as your computer. Follow these steps to protect your phone or tablet from cybercriminals.

Essential Eight assessment process guide   Publication

Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.

Scams   Threat

Apr 21, 2023 - Online scams cost Australians millions of dollars each year and anyone can be targeted. Cybercriminals often use familiar brands and logos to make themselves seem reliable.

AI data security   Publication

May 23, 2025 - This publication provides essential data security guidance for organisations that develop and/or use AI systems, including businesses, government and critical infrastructure. It highlights the importance of data security in ensuring the accuracy and integrity of AI outcomes, and presents an in-depth examination of 3 areas of data security risks in AI systems: data supply chain, maliciously modified (poisoned) data, and data drift.

Protect yourself: Multi-factor authentication   Guidance

Oct 14, 2022 - Multi-factor authentication (MFA) is when you use two or more different types of actions to verify your identity.

Are you protected against ‘fast flux’?   News

Apr 4, 2025 - Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.

New zero trust guidance – seeking industry feedback   News

Feb 10, 2025 - Have your say on new Foundations for modern defensible architectures, including zero trust and secure-by-design principles.

Remote code execution vulnerability in Windows DNS (CVE-2020-1350)   Alert

Jul 15, 2020 - On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.

The case for memory safe roadmaps   Publication

Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.

Small business cloud security guides  

Apr 2, 2024 - ASD's ACSC has released a series of guides designed to help small businesses secure their cloud environment.

Business resources  

Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.

Essential Eight  

Nov 27, 2023 - While no set of mitigation strategies are guaranteed to protect against all cyberthreats, organisations are recommended to implement eight essential mitigation strategies from the Strategies to mitigate cybersecurity incidents  as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.

Information security manual  

Sep 26, 2024 - The Information security manual (ISM) is a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyberthreats.

Essential Eight maturity model and ISM mapping   Publication

Oct 2, 2024 - This publication provides a mapping between the Essential Eight and the controls within the Information security manual (ISM).

New guidance for software and service manufacturers deploying system updates   News

Oct 25, 2024 - Implementing a safe software deployment program is vital for maintaining customer trust.

ASD women recognised for their contribution to the security industry   News

Oct 19, 2022 - The Australian Signals Directorate (ASD) has been recognised for its contribution to supporting women in the security industry at an awards night in Sydney.

Phone scams impersonating Australian businesses and government agencies   Alert

Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.

Joint Advisory on Technical Approaches to Uncovering and Remediating Malicious Activity   Advisory

Sep 2, 2020 - The purpose of this report is to enhance incident response among partners and network administrators along with serving as a playbook for incident investigation.

Microsoft introduces Exchange Emergency Mitigation service   News

Oct 1, 2021 - Microsoft has launched a new optional protection for Microsoft Exchange servers.

Windows event logging and forwarding   Publication

Oct 6, 2021 - This publication has been developed as a guide to the setup and configuration of Microsoft Windows event logging and forwarding.

Revised patch released to disable mitigation against Spectre variant 2   Advisory

Jan 29, 2020 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.

Report and recover from business email compromise   Guidance

Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.

2020-002: Critical Vulnerabilities for Microsoft Windows, Patch Urgently   Advisory

Jan 15, 2020 - If you or your organisation uses any of the affected products, the ACSC recommends that you apply the patches urgently.

Protect yourself: Updates   Guidance

Oct 14, 2022 - Cybercriminals are always looking for easy paths to get onto your devices.

Summary of Tactics, Techniques and Procedures Used to Target Australian Networks   Advisory

May 20, 2020 - This advisory provides information on methods to detect many of the TTPs listed. Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs.

Guidelines for system monitoring   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on system monitoring.

Outsourcing and procurement  

Apr 11, 2023 - Outsourcing to external service providers can save organisations time and money. By incorporating cybersecurity into procurement considerations, organisations can benefit significantly in the long run.

Copyright  

Information about the site's copyright