You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 211 - 240 of 262 results.
Cybersecurity terminology Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.
Report and recover from hacking Guidance
Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.
Set secure passphrases
Jul 30, 2024 - Where multi-factor authentication is not available, a strong passphrase is your best defence.
Engaging with artificial intelligence Publication
Jan 24, 2024 - The purpose of this paper is to provide organisations with guidance on how to use artificial intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cybersecurity mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.
User education
Apr 11, 2023 - This page lists publications on cybersecurity that relate to the behaviour of people and virtual communities of people.
Cryptomining Threat
Jun 23, 2020 - Cryptocurrency mining (cryptomining) uses the processing power of computers to solve complex mathematical problems and verify cybercurrency transactions. The miners are then rewarded with a small amount of cybercurrency.
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations Advisory
Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.
Quishing Threat
Nov 2, 2023 - Quishing is a form of phishing attack that uses QR codes instead of text-based links in phishing emails, digital platforms or on physical items. Quishing is a social engineering technique used by scammers and malicious actors to trick their victims into providing sensitive personal information or downloading malware onto their devices.
Report and recover from business email compromise Guidance
Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Protecting against business email compromise Publication
Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.
Business resources
Apr 11, 2023 - Protecting your business from cybercriminals is vital in keeping your people and systems secure. Learn how to protect your business from cyberthreats.
Australian Signals Directorate’s Cyber Security Partnership Program Program page
The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
Report and recover from malware Guidance
Nov 10, 2023 - If you’ve fallen victim to a malware attack, find out what to do and who to contact.
Small business cybersecurity guide Publication
Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyberthreats.
Planning for critical vulnerabilities: What the board of directors needs to know Publication
Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.
The Case for Memory Safe Roadmaps Publication
Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.
Secure your Wi-Fi and router Guidance
Oct 29, 2024 - How to make your software, devices and networks harder to access and more resilient to attack.
Cybersecurity for charities and not-for-profits Guidance
Mar 12, 2024 - How to avoid common cyberthreats and protect your mission .
Archived reports and statistics
Feb 13, 2025 - Search archived report and statistics
Securing customer personal data Guidance
Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.
Understanding Ransomware Threat Actors: LockBit Advisory
May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.
Secure your NAS device Guidance
Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.
2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) Advisory
Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.
Guidelines for procurement and outsourcing Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on procurement and outsourcing activities.
2021 Top Malware Strains Advisory
Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).
Gateway security guidance package: Gateway operations and management Publication
Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
Identifying and Mitigating Living Off the Land Techniques Advisory
Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.
Secure your website Guidance
Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
Protect yourself from scams
Feb 3, 2025 - Protect your accounts by recognising and reporting scams.
Iranian cyber actors’ brute force and credential access activity compromises critical infrastructure Advisory
Oct 17, 2024 - The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn network defenders on Iranian cyber actors’ compromising, frequently using brute force attacks, organizations across multiple critical infrastructure sectors, including the healthcare and public health (HPH), government, information technology, engineering, and energy sectors. The actors likely aim to obtain credentials and information describing the victim’s network that can then be sold to enable access to cybercriminals.
