Search

Ransomware   Threat

Read through the following case studies and learn from other Australians about how ransomware has affected them.

High Severity vulnerability present in OpenSSL version 3.x   Alert

Nov 2, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a buffer overrun and buffer overflow vulnerability in OpenSSL versions above to 3.0. All Australian organisations using version 3.x should apply the available patch immediately.

Cyber Security Awareness Month 2022   News

Sep 30, 2022 - October is Cyber Security Awareness Month and this year the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) theme is Have you been hacked?

New guidance on detecting and mitigating Active Directory compromises   News

Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.

Watch out for threats  

Nov 2, 2022 - Know what to look for to stay in control of your devices and applications.

How to use the internet securely: A guide for seniors   Guidance

Oct 1, 2021 - Some basic cyber security practices that you can use to protect yourself when accessing the internet.

APT40 Advisory   Advisory

Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Secure your social media   Guidance

Jul 29, 2024 - Keep your social media secure by using these tips. Learn how to protect your accounts, privacy and information.

Guidelines for networking   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on networking.

Australia joins US and UK to warn of 2021 Ransomware trends   News

Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.

Cybersecurity guidelines  

Jun 13, 2024 - Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyberthreats.

Guidelines for communications systems   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications systems.

Cyber security incident response planning: Practitioner guidance   Publication

Dec 12, 2024 - ASD defines a cybersecurity incident as an unwanted or unexpected cybersecurity event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.

Back to school with cyber secure devices   News

Feb 4, 2022 - As children return to school, Australian parents are urged to make devices like mobile phones and laptop computers more cyber secure and to teach their children about cyber security, with 2022 set to be another year of hybrid learning for most families.

2020 Health Sector Snapshot   Reports and statistics

Feb 22, 2021 - This Sector Snapshot is designed to enhance awareness of key cyber security threats in the health sector and advise executives and cyber security professionals within the health sector on what they can do to protect their organisation from cyber threats. This report provides a high-level overview of the cyber security environment within the health sector over a twelve month period (1 January to 31 December 2020).

How to secure your devices  

Nov 29, 2024 - Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.

Cybersecurity for charities and not-for-profits   Guidance

Mar 12, 2024 - How to avoid common cyberthreats and protect your mission .

ASD's ACSC urges victims to report cybercrimes   News

Jul 17, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is urging all Australians to report cybercrimes immediately to ReportCyber amid the growing number of cybercrimes impacting Australians.

Security tips for remote working   Guidance

Jul 29, 2024 - As an employee, you may be more at risk when working away from the office. Learn how to stay secure while working from home or remotely.

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

Small business cyber security guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyber threats.

Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks   News

May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

2021 Top Routinely Exploited Vulnerabilities   Advisory

Apr 28, 2022 - This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.

COVID-19 scam messages   Advisory

Mar 16, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of a COVID-19 themed scam being distributed via text message.

2022 Top Routinely Exploited Vulnerabilities   Advisory

Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).

Implementing multi-factor authentication   Publication

Nov 27, 2023 - This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.

IRAP assessment feedback form   Service

Feb 1, 2021 - IRAP Assessment feedback form for IRAP assessments

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks   Advisory

Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.

2023-01: ASD's ACSC Ransomware Profile - Royal   Advisory

Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.