Search

2021-007: Log4j vulnerability – advice and mitigations   Advisory

Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.

Business resources  

Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.

Preparing for and responding to denial-of-service attacks   Publication

Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.

Restricting Microsoft Office macros   Publication

Nov 27, 2023 - This publication has been developed to discuss approaches that can be applied by organisations to secure systems against malicious Microsoft Office macros while balancing both their business and security requirements.

Remote access to operational technology environments   Publication

Mar 28, 2023 - Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cybersecurity defences for operational technology environments (OTE) is not a decision that should be taken lightly.

Patching applications and operating systems   Publication

Nov 27, 2023 - Applying patches to applications and operating systems is critical to keeping systems secure. Patching forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents.

COVID-19 themed malicious cyber activity   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Supporting Australian organisations through a cybersecurity incident   Guidance

Dec 18, 2024 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cybersecurity incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek  technical incident response advice and assistance.

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns   Advisory

Dec 8, 2023 - The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest.

Securing customer personal data   Guidance

Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

ISM OSCAL releases  

Mar 2, 2023 - List of current and previous ISM releases in the OSCAL format.

National Exercise Program   Program page

Jul 12, 2018 - Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.

High Assurance Evaluation Program   Program page

Aug 18, 2022 - The Australian Signals Directorate’s High Assurance Evaluation Program involves rigorous analysis and testing to search for any security vulnerabilities in products.

Critical Infrastructure Uplift Program (CI-UP)   Program page

Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.

Emanation Security Program   Program page

Jul 1, 2018 - The Australian Signals Directorate’s Emanation Security Program sets out the requirements for government and organisations to be formally recognised to conduct emanation security practices to national standards.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

2021-009: Malicious actors deploying Gootkit Loader on Australian Networks   Advisory

Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.

Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era   Publication

Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.

#StopRansomware: BianLian Ransomware Group   Advisory

Nov 21, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.

End of support   Guidance

Jul 29, 2024 - ‘End of support’ is when software is no longer support by the product developer that makes it. It will no longer receive security updates, general software updates or technical support.

Protecting Against Cyber Threats to Managed Service Providers and their Customers   Advisory

May 12, 2022 - This advisory describes cybersecurity best practices for information and communications technology (ICT), focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data.

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

Securing PowerShell in the enterprise   Publication

Oct 6, 2021 - This publication describes a maturity framework for PowerShell, balancing the security and business requirements of organisations. This framework enables organisations to take incremental steps towards securing PowerShell across their environment.

Report and recover from business email compromise   Guidance

Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.

Hardening Microsoft Windows 10 and Windows 11 workstations   Publication

Jul 16, 2024 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10 and Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2 and Windows 11 version 23H2.

Quiz library   Guidance

Test your knowledge about cybersecurity practices and threats through our quizzes.

Small Business Google Chromebook and ChromeOS Security Guide   Guidance

Nov 12, 2024 - This publication was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) with technical input from Chrome Engineering.

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.