You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 61 - 90 of 284 results.
Turn on multi-factor authentication
Nov 9, 2022 - Protect your important accounts with extra login steps.
Personal cyber security: Advanced steps guide Guidance
Mar 23, 2023 - The third and final cyber security guide in the personal cyber security series is designed to help everyday Australians understand an advanced level of cyber security and how to take action to protect themselves from cyber threats.
Hardening Microsoft Windows 11 workstations Publication
Sep 4, 2025 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 11 version 24H2.
Hardening Microsoft Windows 10 workstations Publication
Sep 4, 2025 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.
The Commonwealth Cyber Security Posture in 2024 Reports and statistics
Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2023–24 financial year.
Gateway security guidance package: Gateway security principles Publication
Jul 29, 2025 - Guidance written for audiences responsible for the procurement, operation and management of gateways.
Protect yourself: Multi-factor authentication Guidance
Oct 14, 2022 - Multi-factor authentication (MFA) is when you use two or more different types of actions to verify your identity.
Advisory 2021-002: Active exploitation of vulnerable Microsoft Exchange servers Advisory
Mar 26, 2021 - On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling the malicious actor to access email accounts and to enable further compromise of the Exchange server and associated networks.
End of support for Microsoft Windows and Microsoft Windows server Publication
Sep 4, 2025 - Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.
The Commonwealth Cyber Security Posture in 2023 Reports and statistics
Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.
Guidelines for cybersecurity documentation Advice
Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.
Personal cyber security: First steps guide Guidance
Apr 14, 2023 - The first of three cyber security guides in the personal cyber security series is designed to help everyday Australians understand a basic level of cyber security and how to take action to protect themselves from cyber threats.
Information stealer malware Guidance
Jul 15, 2025 - Information stealer malware is a type of malware designed to steal sensitive data from devices. This can include user credentials, browser data and more.
2021 Top Malware Strains Advisory
Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities Advisory
Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.
ISM feedback form Service
Mar 2, 2023 - ISM feedback and enquiries.
IRAP community feedback form
Mar 1, 2021 - IRAP Community feedback form for the community to comment on a range of topics about the course
Understanding Ransomware Threat Actors: LockBit Advisory
May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.
Exercise in a Box
Nov 17, 2022 - This service provides an all-in-one platform that organisations can use to assess and improve their cybersecurity practices, in a controlled environment, and as many times as they want.
The Commonwealth Cyber Security Posture in 2022 Reports and statistics
Dec 16, 2022 - The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cybersecurity measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).
Hardening systems and applications
Apr 11, 2023 - It is important for all organisations to maintain the cybersecurity of their systems and data.
Threat update: COVID-19 malicious cyber activity 20 April 2020 Advisory
Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.
Gateway security guidance package: Gateway operations and management Publication
Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.
ASD/ACSC engagement request
Jun 8, 2023 - Thank you for your interest in having ASD/ACSC attend or speak at your event. In order for us to identify the most appropriate staff member, we ask that you provide us with some information about your event, the audience and intended outcome of your engagement with ASD/ACSC. Please note we require 8 weeks’ notice to review your request.
Report a cyber security incident Service
If you are reporting fraud or cybercrime, please refer to the ReportCyber – Cybercrime page.
IRAP application form Program page
May 7, 2024 - IRAP application form
After you've made a purchase Guidance
Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.
BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors Advisory
Apr 9, 2025 - This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the growing threat that malicious cyber actors pose to individuals connected to topics including Taiwan, Tibet, Xinjiang Uyghur Autonomous Region, democracy movements and the Falun Gong.
Advisory 2020-009: Recommendations to mitigate APT actors targeting health sector and COVID-19 essential services Advisory
May 8, 2020 - The ACSC recommends that organisations in the health sector implement the following cyber security mitigations:
