You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 361 - 380 of 670 results.
Protecting industrial control systems Publication
Jul 1, 2018 - Industrial control systems are essential to our daily life. They control the water we drink, the electricity we rely on and the transport that moves us all. It is critical that cyberthreats to industrial control systems are understood and mitigated appropriately to ensure essential services continue to provide for everyone.
2022 Top Routinely Exploited Vulnerabilities Advisory
Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure Advisory
Sep 6, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.
Domain Name System security for domain resolvers Publication
Oct 6, 2021 - This publication explores DNS security for recursive resolution servers. It also shares helpful strategies to reduce the risk of DNS resolver subversion or compromise.
Gootkit Loader continues to be used on multiple Australian networks Advisory
Dec 23, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to observe instances of Gootkit JavaScript (JS) Loaders on multiple Australian networks in 2022. Open source reporting also indicates continued Gootkit activity.
Multiple high severity vulnerabilities discovered in the Exim mail server Alert
May 10, 2021 - Exim vulnerabilities could enable a malicious cyber actor to compromise vulnerable Exim servers. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends applying available patches.
Remote code execution vulnerability present in the MSHTML component of Microsoft Windows Alert
Sep 14, 2021 - A vulnerability exists in a component of Microsoft Windows. A malicious cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. At this current time there is no patch available, affected Australian customers should apply the Microsoft recommended workarounds.
Vulnerability Affecting BlackBerry QNX RTOS Advisory
Aug 17, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting the BlackBerry QNX, the world’s most prevalent real time operating system.
Strategies to mitigate cybersecurity incidents Publication
Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.
ForgeRock Open AM critical vulnerability Alert
Jul 7, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed active exploitation of a vulnerability in ForgeRock OpenAM (reported as CVE-2021-35464) against a number of Australian organisations. The ASD’s ACSC strongly recommends organisations urgently apply available patches or workarounds to mitigate the risk of this vulnerability being exploited.
Revised patch released to disable mitigation against Spectre variant 2 Advisory
Jan 29, 2020 - Intel has confirmed that the microcode updates designed to mitigate Spectre variant 2 (CVE-2017-5715: Branch Target Injection) have introduced an increased risk of system instability, data loss and corruption.
Microsoft Exchange Server security best practices Publication
Oct 31, 2025 - This paper—authored by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security (Cyber Centre)—provides security best practices for administrators on hardening on-premises (on-prem) Exchange.
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations Advisory
Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.
Understanding Ransomware Threat Actors: LockBit Advisory
May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.
Easy steps to secure yourself online Guidance
Apr 7, 2021 - Reduce the risk of being targeted by cybercriminals by following these easy steps.
Preparing for and responding to denial-of-service attacks Publication
Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.
Important Vulnerabilities in Microsoft’s May 2023 Security Update Alert
May 11, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is concerned about vulnerabilities disclosed in Microsoft’s May 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations.
Microsoft Exchange ProxyShell Targeting in Australia Alert
Aug 19, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed targeting of the Microsoft Exchange ProxyShell vulnerability by Malicious actors.
Implementing application control Publication
Nov 27, 2023 - Application control is one of the most effective mitigation strategies in ensuring the security of systems. As such, application control forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents. This publication provides guidance on what application control is, what application control is not, and how to implement application control.
Practical cyber security tips for business leaders News
Jan 17, 2024 - Business leaders are at higher risk of a cyber incident due to the information they have access to, the people they interact with and the influence they have.
