You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 141 - 160 of 238 results.
The case for memory safe roadmaps Publication
Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.
2021 Top Routinely Exploited Vulnerabilities Advisory
Apr 28, 2022 - This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
Modern defensible architecture for senior decision-makers Publication
Oct 23, 2025 - ASD’s ACSC and the following international partners present this guidance to assist senior decision-makers to understand the contemporary threat landscape and how modern defensible architecture can support organisations to defend against current threats and prepare for future threats.
Industrial control systems: Remote access protocol Publication
Oct 6, 2021 - External parties may need to connect remotely to critical infrastructure control networks. This access is to allow the manufacturers of equipment used in Australia’s critical infrastructure the ability to maintain the equipment, when a fault is experienced that cannot be fixed in the required timeframe any other method.
Secure your Microsoft Windows device Guidance
Nov 29, 2024 - Your Microsoft Windows device often holds your most important data. Use these simple steps to protect your device from cyberattacks.
Threat update: COVID-19 malicious cyber activity 27 March 2020 Advisory
Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.
2022 Top Routinely Exploited Vulnerabilities Advisory
Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
Russian GRU targeting Western logistics entities and technology companies Advisory
May 22, 2025 - This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.
2021-007: Log4j vulnerability – advice and mitigations Advisory
Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.
Gootkit Loader continues to be used on multiple Australian networks Advisory
Dec 23, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to observe instances of Gootkit JavaScript (JS) Loaders on multiple Australian networks in 2022. Open source reporting also indicates continued Gootkit activity.
Quishing Threat
Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.
PRC State-Sponsored Cyber Activity Advisory
Mar 20, 2024 - This fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of China (PRC) state-sponsored cyber actors known as "Volt Typhoon."
Bulletproof defense: mitigating risks from bulletproof hosting providers Publication
Nov 20, 2025 - This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers.
Business email compromise Threat
Feb 11, 2023 - Learn about email phishing and what to do if you are scammed out of money, goods or information.
Detecting socially engineered messages Publication
Oct 6, 2021 - Socially engineered messages pose a significant threat to organisations. They can have a big impact, helping malicious actors access accounts, systems or sensitive information. Learn how to spot a socially engineered message, including through email, SMS, social media or messaging apps.
Guidance on digital forensics and protective monitoring specifications for producers of network devices and appliances Publication
Feb 5, 2025 - This guidance has been developed with contributions from partnering agencies and is included in a series of publications aiming to draw attention to the importance of edge device cyber security measures.
Security tips for social media and messaging apps Publication
Jul 14, 2022 - This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.
An introduction to securing smart places Publication
Nov 21, 2022 - Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.
Creating and maintaining a definitive view of your operational technology architecture Publication
Oct 28, 2025 - How organisations who deploy or operate operational technology systems should build, maintain and store their systems understanding.
ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022 Reports and statistics
Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
