Search

Be Ready - auDA Domain Name Changes   News

Mar 23, 2022 - The new domain name category could leave your business or organisation open to fraudulent cyber activity, such as business email compromise.

Secure your NAS device   Guidance

Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.

Security configuration guide: Apple iOS 14 devices   Publication

Oct 6, 2021 - ASD has developed this guide to assist Australians to understand risks when deploying iOS 14 devices and the security requirements that need to be met to allow them to handle classified data.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2023–24 financial year.

Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks   News

May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.

Implementing multi-factor authentication   Publication

Nov 27, 2023 - This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.

Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System   Advisory

Aug 28, 2025 - This joint cyber security advisory gives vital insights on People’s Republic of China (PRC) state-sponsored cyber threat actors, how they gain and maintain persistent access, and the capabilities they have. It provides threat hunting guidance and mitigation strategies to help safeguard your networks.

The Commonwealth Cyber Security Posture in 2023   Reports and statistics

Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

The Commonwealth Cyber Security Posture in 2020   Reports and statistics

Jun 10, 2021 - The Commonwealth Cyber Security Posture Report in 2020 informs the Parliament of the status of the Commonwealth’s cybersecurity posture. Overall, the report found that Commonwealth entities continued to improve their cybersecurity in 2020. Ongoing effort is required to maintain the currency and effectiveness of cybersecurity measures.

Principles of operational technology cyber security   Publication

Oct 2, 2024 - Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cybersecurity and safety of their OT.

Deploying AI systems securely   Publication

Apr 16, 2024 - AI security is a rapidly evolving area of research. As agencies, industry, and academia discover potential weaknesses in AI technology and techniques to exploit them, organizations will need to update their AI systems to address the changing risks, in addition to applying traditional IT best practices to AI systems.

Foundations for modern defensible architecture   Publication

Feb 10, 2025 - The Foundations represent the first step to help organisations adopt a ‘modern defensible architecture’ approach, which will enable them to evolve alongside the threat landscape.

Small business cloud security guides: Introduction   Publication

Dec 16, 2022 - Securing your business can be a complex task. Among the numerous security priorities and configuration options, it can be difficult to know where to begin. These guides adapt ASD's ACSC’s Essential Eight mitigation strategies and outline an example of how each can be implemented to secure Microsoft 365 capabilities. The technical examples are designed to offer significant protection against cybersecurity incidents while remaining accessible to organisations with limited resources and cybersecurity expertise.

Critical remote code execution vulnerability found in the Log4j library   Alert

Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.

Implementing network segmentation and segregation   Publication

Oct 6, 2021 - Learn about practical strategies to make it harder for malicious actors to access sensitive data. This guidance is for those responsible for an organisation’s network architecture and design.

2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0   Advisory

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.

Geo-blocking in context: Realities, risks and recommendations   Publication

May 19, 2025 - This guidance is intended for decision makers and cybersecurity practitioners. It highlights what to be aware of when identifying the source of a threat and the potential implications of geo-blocking in a broader cybersecurity strategy.

Guidelines for email   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on email.

Technical example: Regular backups   Publication

Dec 16, 2022 - Implementing regular backups will assist your organisation to recover and maintain its operations in the event of a cybersecurity incident, for example, a ransomware attack.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

Guidelines for gateways   Advice

Sep 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on gateways.

The silent heist: cybercriminals use information stealer malware to compromise corporate networks   Advisory

Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.

Priority logs for SIEM ingestion: Practitioner guidance   Publication

May 27, 2025 - This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.

Business Continuity in a Box   Guidance

Aug 21, 2024 - Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cybersecurity incident that has affected the availability or trust of existing systems.

Small business cloud security guides  

Apr 2, 2024 - ASD's ACSC has released a series of guides designed to help small businesses secure their cloud environment.

End of support for Microsoft Windows and Microsoft Windows server   Publication

Sep 4, 2025 - Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.

Protecting Against Cyber Threats to Managed Service Providers and their Customers   Advisory

May 12, 2022 - This advisory describes cybersecurity best practices for information and communications technology (ICT), focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data.

Cloud computing security for cloud service providers   Publication

Jan 18, 2024 - This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.