You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 511 - 540 of 543 results.
Protecting your family Guidance
May 2, 2023 - Advice and guidance for parents and guardians to help children have secure experiences online.
IRAP community feedback form
Mar 1, 2021 - IRAP Community feedback form for the community to comment on a range of topics about the course
Critical Vulnerability in popular Java framework Apache Struts2 Alert
Dec 14, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is concerned about a critical Remote Code Execution (RCE) vulnerability in Apache Struts2. This primarily affects Java applications which use this framework. Apache Struts2 is widely used in enterprise and bespoke Java applications.
Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.
System monitoring
Jun 5, 2025 - This page lists publications on performing effective system monitoring.
Phishing Threat
Mar 19, 2023 - Learn about phishing attacks and know what to do if you've been targeted.
Securing edge devices
Feb 4, 2025 - Malicious actors often target internet-facing edge devices to gain unauthorised access to enterprise networks. Learn how to secure edge devices such as routers, firewalls and VPN concentrators.
Report a vulnerability Service
Report vulnerabilities that are not publicly known, through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) coordinated vulnerability disclosure service.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks News
May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.
Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks Advisory
Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.
Single Reporting Portal Guidance
Nov 22, 2023 - To help you meet your reporting responsibilities, the Australian Government has brought together a list of Commonwealth legislative reporting requirements that could be triggered by a cybersecurity incident.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Remote working
Jul 30, 2024 - This page lists publications on working securely when away from the office environment.
Web hardening
Dec 2, 2020 - This page lists publications on the hardening of services that can be accessed via the World Wide Web.
2021-007: Log4j vulnerability – advice and mitigations Advisory
Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.
Operational technology environments
Oct 4, 2024 - This page lists publications on critical infrastructure and their supporting operational technology environments.
Network hardening
Apr 11, 2023 - This page lists publications on the hardening of network infrastructure.
Educational pack for seniors Guidance
Jun 23, 2023 - This educational pack provides engaging content to help seniors learn how to stay cyber secure. Practical steps and topics range from a basic to advanced level.
Remote code execution vulnerability in Windows DNS (CVE-2020-1350) Alert
Jul 15, 2020 - On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.
ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350) Advisory
Jul 15, 2020 - An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.
Translated information
Apr 4, 2024 - We have developed easy-to-follow cybersecurity information and resources to support people from non-English speaking backgrounds to be more cyber secure.
ISM OSCAL releases
Mar 2, 2023 - List of current and previous ISM releases in the OSCAL format.
Educational pack for small businesses Guidance
Jun 15, 2023 - This educational pack provides engaging content to help small business owners learn how to stay cyber secure. Includes practical activities for staff.
Resources for business and government
Resources for business and government on cybersecurity.
Cyber Security Awareness Month 2024 News
Oct 1, 2024 - October is Cyber Security Awareness Month, a time for all Australians to talk about cyber security and take action to protect their devices and accounts.
Cyber sanction imposed on Russian cybercriminal for 2022 Medibank Private compromise News
Jan 23, 2024 - Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.
Suspected user credentials stolen from FortiNet devices leaked online Alert
Sep 10, 2021 - A malicious cyber actor has leaked a list of suspected user credentials and IP address of the associated FortiNet SSL VPN device the credentials are used for. Organisations should review the patch status and history of internet exposed FortiNet SSL VPN devices and consider performing a password reset for affected users.
Exploitation of vulnerabilities affecting Cisco firewall platforms Alert
Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.
Potential SolarWinds Orion compromise Alert
Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.
