Search

2021-009: Malicious actors deploying Gootkit Loader on Australian Networks   Advisory

Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.

Social engineering   Threat

May 29, 2025 - Social engineering is a significant threat to individuals and organisations, enabling malicious actors to compromise accounts, devices, systems or sensitive information.

Cyber Security Awareness Month 2024  

Sep 30, 2024 - October is Cyber Security Awareness Month and an annual reminder for all Australians to stay secure online.

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations   Advisory

Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks   Advisory

Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.

Resources for business and government  

Resources for business and government on cybersecurity.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Vulnerability Disclosure Program   News

Nov 23, 2022 - New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.

Revamped guide to protect Australian businesses against cyber threats   News

Jun 22, 2023 - Australian businesses have a new source of help to understand and combat cyber threats through the refreshed Small Business Cyber Security Guide and new video developed by the The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC).

Priority logs for SIEM ingestion: Practitioner guidance   Publication

May 27, 2025 - This document is again intended for cybersecurity practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.

First Nations Business Resources   Guidance

Jan 5, 2023 - Cybercriminals are finding new ways to target First Nations businesses all the time. There are a few simple things you can do to keep yourself and your business secure online.

BADBAZAAR and MOONSHINE: Technical analysis and mitigations   Advisory

Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.

Business Continuity in a Box   News

Nov 13, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), in collaboration with the US Cybersecurity and Infrastructure Security Agency (CISA), has published a new tool, Business Continuity in a Box, to help businesses continue basic operations during or after a cyber incident.

Business resources  

Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

The Commonwealth Cyber Security Posture in 2022   Reports and statistics

Dec 16, 2022 - The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cybersecurity measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).

Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era   Publication

Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.

Small business cybersecurity  

Jul 18, 2023 - How to protect your small business from common cyberthreats.

Gateway security guidance package: Gateway technology guides   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the Gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.

TMUI remote code execution vulnerability - CVE-2020-5902   Alert

Jul 6, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) advises users of F5’s enterprise and data centre BIG-IP products to ensure their systems are promptly patched after the recent disclosure of new remote code execution vulnerability.

Connecting with others online   

Jul 30, 2024 - It is easier than ever to stay in contact with people online. However, using popular online apps and tools can make you more susceptible to cybercriminals.

Guidelines for secure AI system development   Publication

Nov 27, 2023 - This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. This document is aimed primarily at providers of AI systems who are using models hosted by an organisation, or are using external application programming interfaces (APIs).

Gateway security guidance package: Gateway security principles   Publication

Jul 29, 2022 - Guidance written for audiences responsible for the procurement, operation and management of gateways.

Guidelines for cryptography   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cryptography.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.

Guidelines for cybersecurity roles   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity roles.

Cyber resources for small businesses   News

Feb 11, 2022 - Last December, the Council of Small Business Organisations Australia (COSBOA) co-hosted an Act Now, Stay Secure breakfast at the National Portrait Gallery, along with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the Department of Home Affairs.

Cybersecurity guidelines  

Jun 13, 2024 - Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyberthreats.

Guidelines for evaluated products   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on evaluated products.

Guidelines for database systems   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on database systems.