You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 121 - 150 of 623 results.
Guidelines for email Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on email.
Sustained targeting of the health sector Alert
Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.
Protecting against business email compromise Publication
Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.
How to dispose of your device securely Guidance
May 18, 2022 - You should consider that any devices you dispose of could be accessed by strangers.
2020-013 Ransomware targeting Australian aged care and healthcare sectors Advisory
Aug 2, 2020 - Recently there has been a significant increase in healthcare or COVID-19 themed malicious cyber activity, including targeting of the aged care and healthcare sectors by financially motivated cyber criminals using the ‘Maze’ ransomware.
Critical vulnerabilities in Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways Alert
Jan 9, 2025 - Ivanti has identified critical vulnerabilities affecting Ivanti Connect Secure, Ivanti Policy Secure and Ivanti Neurons for ZTA Gateways. Customers should update to available patched versions immediately and monitor Ivanti’s Security Advisory for further advice.
How to manage your security when engaging a Managed Service Provider Publication
Oct 6, 2021 - Understand the actions organisations can take to manage the security risks posed by engaging and authorising network access for managed service providers.
Essential Eight maturity model and ISM mapping Publication
Oct 2, 2024 - This publication provides a mapping between the Essential Eight and the controls within the Information security manual (ISM).
"Bulletproof" hosting providers Publication
Jan 22, 2025 - Bulletproof hosting (BPH) providers lease cybercriminals a virtual and/or physical infrastructure from which to operate. BPH providers are a specific class of internet infrastructure service that enables malicious actors (including cybercriminals) to host illicit content and run operations on the internet.
ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022 Reports and statistics
Nov 4, 2022 - The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
Critical vulnerability identified in Apple iOS and macOS Alert
Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.
Secure your website Guidance
Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
Protect yourself and others from MyGov-related scams Advisory
Jul 16, 2020 - The Australian Taxation Office (ATO) is receiving increased reports of myGov-related SMS and email scams. As always, our advice is DON’T click any links and DON’T provide the information requested.
Secure your email Guidance
Jul 29, 2024 - How to protect yourself when using email and reduce spam and malicious emails.
Best practices for event logging and threat detection Publication
Aug 22, 2024 - This publication defines a baseline for event logging best practices to mitigate cyberthreats.
Web conferencing security Publication
Oct 6, 2021 - Web conferencing tools are essential for meeting with colleagues and clients online. This guide provides tips on how to choose a secure web conference provider, and what risks to be aware of.
PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure Advisory
Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.
Managed service providers: How to manage risk to customer networks Publication
Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.
Small Business Cloud Security Guides: Introduction Publication
Dec 16, 2022 - Securing your business can be a complex task. Among the numerous security priorities and configuration options, it can be difficult to know where to begin. These guides adapt ASD's ACSC’s Essential Eight mitigation strategies and outline an example of how each can be implemented to secure Microsoft 365 capabilities. The technical examples are designed to offer significant protection against cybersecurity incidents while remaining accessible to organisations with limited resources and cybersecurity expertise.
Remote code execution vulnerability present in Sophos Firewall Alert
Mar 30, 2022 - A vulnerability (CVE-2022-1040) has been identified in Sophos Firewall prior to version 18.5 which could allow a malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
The Commonwealth Cyber Security Posture in 2024 Reports and statistics
Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.
Conti ransomware incidents in Australia Alert
Dec 10, 2021 - Multiple Australian organisations have been impacted by Conti ransomware in November and December 2021.
Phishing Threat
Mar 19, 2023 - Learn about phishing attacks and know what to do if you've been targeted.
Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert
Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Multiple Vulnerabilities in VMware vRealize Hyperic monitoring and performance management product Alert
Nov 8, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has identified a number of critical vulnerabilities affecting VMware’s vRealize Hyperic monitoring and performance management product.
Guidelines for data transfers Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on data transfers.
Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Alert
Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.
Scams Threat
Apr 21, 2023 - Online scams cost Australians millions of dollars each year and anyone can be targeted. Cybercriminals often use familiar brands and logos to make themselves seem reliable.
2021-003: Ongoing campaign using Avaddon Ransomware Advisory
May 8, 2021 - The Australian Cyber Security Centre (ACSC) is aware of an ongoing ransomware campaign utilising the Avaddon Ransomware malware. This campaign is actively targeting Australian organisations in a variety of sectors. This advisory provides details of Avaddon threat actors, dark web activity, targeted countries and sectors, the malware infection chain, and known Techniques, Tools, and Procedures (TTPs). If activity is identified relating to this advisory please report any findings to the ACSC.
Critical vulnerability present in certain versions of Apple iOS and iPadOS Alert
Oct 13, 2021 - A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.
