You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 1 - 30 of 623 results.
Information security manual
Sep 26, 2024 - The Information security manual (ISM) is a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyberthreats.
Translated information
Apr 4, 2024 - We have developed easy-to-follow cybersecurity information and resources to support people from non-English speaking backgrounds to be more cyber secure.
Using the Information security manual Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.
Guidelines for information technology equipment Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on information technology equipment.
Australian Information Security Evaluation Program (AISEP) Program page
Mar 5, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).
The silent heist: cybercriminals use information stealer malware to compromise corporate networks Advisory
Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
Information Security Registered Assessor Program (IRAP) News
Dec 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is further enhancing cyber security assessment and training, improving cyber skills, and creating new cyber careers for Australians through the Information Security Registered Assessor Program (IRAP).
The Silent Heist: Cybercriminals use information stealer malware to compromise corporate networks News
Sep 2, 2024 - New advisory released on information stealer malware used in cybercrime attacks.
New Information Security Manual format now available News
Sep 15, 2022 - The Information Security Manual (ISM) provides organisations with a cyber security framework that they can apply to protect their systems and data.
Data breach of personal information
Consumer Data Right information security incident
Active exploitation of vulnerability in Microsoft Internet Information Services Alert
May 22, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware that sophisticated actors are actively exploiting a deserialisation vulnerability existing in all versions of Microsoft’s Internet Information Services (IIS) using the .NET framework (.NET). The vulnerability exploits the service’s VIEWSTATE parameter to allow for remote code execution by unauthorised users.
Data breach of Consumer Data Right information
Information security incident affecting APRA-regulated entities
Information security weakness affecting APRA-regulated entities
2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services Advisory
May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.
Seniors
Jun 23, 2023 - This guide provides some simple steps and resources to protect your personal information, accounts and life savings when going online.
Spotting scams Guidance
Learn how to identify phishing messages to stay safe and protect your personal information.
Data breaches Threat
Aug 30, 2023 - Sometimes personal information is released to unauthorised people by accident or as the result of a security breach. For example, an email with personal information can be sent to the wrong person, or a computer system can be hacked and personal information stolen. These are known as data breaches or data spills.
Report and recover from hacking Guidance
Apr 11, 2023 - If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.
Identity theft Threat
Nov 14, 2024 - Learn about how identity theft can affect you and how to keep your personal information secure.
Report and recover from a data breach Guidance
Jul 14, 2023 - A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.
Securing customer personal data Guidance
Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.
AI Data Security Publication
May 23, 2025 - This publication provides essential data security guidance for organisations that develop and/or use AI systems, including businesses, government and critical infrastructure. It highlights the importance of data security in ensuring the accuracy and integrity of AI outcomes, and presents an in-depth examination of 3 areas of data security risks in AI systems: data supply chain, maliciously modified (poisoned) data, and data drift.
Geo-blocking in context: Realities, risks and recommendations Publication
May 19, 2025 - This guidance is intended for decision makers and cybersecurity practitioners. It highlights what to be aware of when identifying the source of a threat and the potential implications of geo-blocking in a broader cybersecurity strategy.
Small business
Jun 15, 2023 - Basic steps to protect your business and staff from cyberthreats. Our guide has information and resources to help you and your staff prepare for cyberattacks.
Personal cyber security: Next steps guide Guidance
Jun 16, 2023 - The second of three cyber security guides in the personal cyber security series is designed to help everyday Australians understand a moderate level of cyber security and how to take action to protect themselves from cyber threats.
Report and recover from scams Guidance
Vulnerability disclosure programs explained Publication
Dec 12, 2024 - A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.
