Search

2020-003: Mailto ransomware incidents   Alert

Feb 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of recent ransomware incidents involving a ransomware tool known as ‘Mailto’ or ‘Kazakavkovkiz’. Mailto belongs to the KoKo ransomware family.

Multiple high severity vulnerabilities discovered in the Exim mail server   Alert

May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.

Scammers impersonating the ASD's ACSC   Alert

Jun 13, 2025 - Scammers are impersonating the ASD's ACSC sending out phishing emails to the public with the email content suggesting to download a malicious antivirus program.

Account compromise   Threat

Nov 10, 2023 - Account compromise is when criminals get unauthorised access to your email, banking, or other accounts.

Act now to defend against vicious cybercriminals   News

Jul 20, 2021 - Cybercriminals are targeting Australians at an unprecedented level to steal sensitive information and money, including through business email compromise and ransomware attacks.

Be Ready - auDA Domain Name Changes   News

Mar 23, 2022 - The new domain name category could leave your business or organisation open to fraudulent cyber activity, such as business email compromise.

COVID-19 malicious cyber activity   Alert

May 22, 2020 - Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

Protect yourself and others from MyGov-related scams   Advisory

Jul 16, 2020 - The Australian Taxation Office (ATO) is receiving increased reports of myGov-related SMS and email scams. As always, our advice is DON’T click any links and DON’T provide the information requested.

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

Quishing   Threat

Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.

Strategies to mitigate cyber security incidents   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Hardening Microsoft 365, Office 2021, Office 2019 and Office 2016   Publication

Jul 24, 2023 - Workstations are often targeted by malicious actors using malicious websites, emails or removable media in an attempt to extract sensitive information. Hardening applications on workstations is an important part of reducing this risk.

Detecting socially engineered messages   Publication

Oct 6, 2021 - Socially engineered messages pose a significant threat to organisations. They can have a big impact, helping malicious actors access accounts, systems or sensitive information. Learn how to spot a socially engineered message, including through email, SMS, social media or messaging apps.

Data breaches   Threat

Aug 30, 2023 - Sometimes personal information is released to unauthorised people by accident or as the result of a security breach. For example, an email with personal information can be sent to the wrong person, or a computer system can be hacked and personal information stolen. These are known as data breaches or data spills.

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns   Advisory

Dec 8, 2023 - The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest.

Gateway security guidance package: Gateway technology guides   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.

Implementing certificates, TLS, HTTPS and opportunistic TLS   Publication

Oct 6, 2021 - Transport Layer Security (TLS) is a widely used encryption protocol which enables parties to communicate securely over the internet. Through the use of certificates and Public Key Infrastructure (PKI), parties can identify each other through a trusted intermediary and establish encrypted tunnels for the secure transfer of information.

BADBAZAAR and MOONSHINE: Technical analysis and mitigations   Advisory

Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.

Microsoft Exchange Server security best practices   Publication

Oct 31, 2025 - This paper—authored by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security (Cyber Centre)—provides security best practices for administrators on hardening on-premises (on-prem) Exchange.

COVID-19 Malicious Scams - Threat Awareness and Guidance   Advisory

Mar 27, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.