Search

Australian organisations encouraged to urgently adopt an enhanced cyber security posture   Alert

Mar 28, 2022 - Australian organisations are encouraged to urgently adopt an enhanced cyber security posture. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment.

Kaseya VSA Supply-Chain Ransomware Attack   Alert

Jul 12, 2021 - Patch now available for Kaseya VSA platform.

Learn the basics  

Aug 30, 2023 - Interactive tools and advice to boost your cybersecurity when online.

Advanced Persistent Threat (APT) actors targeting Australian health sector organisations and COVID-19 essential services   Alert

May 8, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware that Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities.

Cancel COVID-19 cybercrime  

Oct 18, 2022 - Cybercriminals are adapting their methods to take advantage of the COVID-19 pandemic. We continue to receive reports from individuals, businesses and government departments about a range of different COVID-19-themed scams, online fraud and phishing campaigns.

Set up and perform regular backups  

Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.

Tétum (Tetum)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Tetum.

Cyber sanction imposed on Russian cybercriminal for 2022 Medibank Private compromise   News

Jan 23, 2024 - Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.

Quiz library   Guidance

Test your knowledge about cybersecurity practices and threats through our quizzes.

Australians urged to act on cyber alert   News

Dec 15, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) issued an alert on a vulnerability in the Apache Log4j software library that exposed systems to potential cyberattack.

Delivering the goods in cyber security resilience to the transport and logistics sector   News

Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023

ASD's ACSC Annual Cyber Threat report 2020-21   News

Sep 16, 2021 - The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) Annual Cyber Threat Report 2020-21.

After you've made a purchase   Guidance

Once you’ve made a purchase you still need to remain vigilant. Cybercriminals can target you even after you’ve made a purchase on a legitimate website. Learn what to look out for after you’ve bought something online.

Scammers impersonating the ASD's ACSC   Alert

Jun 13, 2025 - Scammers are impersonating the ASD's ACSC sending out phishing emails to the public with the email content suggesting to download a malicious antivirus program.

Exploitation of Unitronics Programmable Logic Controllers (PLCs)   Alert

Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.

Microsoft's investment in Australia’s cyber security   News

Oct 24, 2023 - The Prime Minister has announced Microsoft’s $5 billion commitment to building Australia’s cyber defence.

If things go wrong   Guidance

If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.

Head of ACSC talks cyber security with Natarsha Belling in podcast special   News

Nov 29, 2021 - Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.

Australia joins US and UK to warn of 2021 Ransomware trends   News

Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.

Advisory 2021-004: Active exploitation of ForgeRock Access Manager / OpenAM servers   Advisory

Jul 9, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified targeting and compromise of Australian organisations with vulnerable internet-accessible servers running ForgeRock Access Manager (ForgeRock AM). ForgeRock AM was previously known as OpenAM. The ASD's ACSC has observed malicious actors exploiting the vulnerability in ForgeRock AM/OpenAM to gain initial access to networks in multiple organisations, and facilitate further access within these networks. On 7 July 2021 the ASD's ACSC alerted organisations that this vulnerability was being actively exploited. This ASD's ACSC advisory provides recommendations for securing ForgeRock AM against vulnerability CVE-2021-35464, and advice on identifying potential successful exploitation of this vulnerability.

Cybercrime - getting help   Guidance

Apr 11, 2023 - If something has knocked you offline, check out the following information to help you get back up and running!

Recovering a compromised email account   Guidance

Nov 10, 2023 - Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets.

Remote access to operational technology environments   Publication

Mar 28, 2023 - Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cybersecurity defences for operational technology environments (OTE) is not a decision that should be taken lightly.

Revised patch released to disable mitigation against Spectre variant 2   Advisory

Jan 29, 2020 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.

SonicWall Breach   Alert

Feb 4, 2021 - SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.

COVID-19 malicious cyber activity   Alert

May 22, 2020 - Malicious cyber actors are actively targeting individuals and Australian organisations with COVID-19 related scams and phishing emails. These incidents are likely to increase in frequency and severity over the coming weeks and months. This is due, in part, to the ease in which existing scam emails and texts can be modified with a COVID-19 theme.

Cyber security is essential when preparing for COVID-19   Advisory

Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.

Cloud computing security for tenants   Publication

Jan 18, 2024 - This publication is designed to assist an organisation’s cybersecurity team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.

About us  

Learn about who we are and what we do.

Phishing   Threat

Mar 19, 2023 - Learn about phishing attacks and know what to do if you've been targeted.