Search

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection   Advisory

May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.

Guidelines for software development   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on software development.

An introduction to securing smart places   Publication

Nov 21, 2022 - Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.

Malicious email mitigation strategies   Publication

Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

Gateway security guidance package   Guidance

Jul 29, 2025 - This page lists publications on the hardening of gateway services.

Protecting industrial control systems   Publication

Jul 1, 2018 - Industrial control systems are essential to our daily life. They control the water we drink, the electricity we rely on and the transport that moves us all. It is critical that cyberthreats to industrial control systems are understood and mitigated appropriately to ensure essential services continue to provide for everyone.

Report and recover from ransomware   Guidance

Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

Foundations for OT cybersecurity: Asset inventory guidance for owners and operators   Publication

Aug 14, 2025 - This guidance outlines how OT owners and operators can create and maintain an asset inventory and OT taxonomy, to protect their most vital assets. It includes steps for defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle management.

Using remote desktop clients   Publication

Oct 6, 2021 - Remote access solutions are increasingly being used to access organisations’ systems and data. One common method of enabling remote access is to use a remote desktop client. This publication provides guidance on security risks associated with the use of remote desktop clients.

Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure   Advisory

Sep 6, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.

Cyber supply chain risk management   Publication

May 22, 2023 - All organisations should consider cyber supply chain risk management. If a supplier, manufacturer, distributor or retailer (i.e. businesses that constitute a cyber supply chain) are involved in products or services used by an organisation, there will be a cyber supply chain risk originating from those businesses. Likewise, an organisation will transfer any cyber supply chain risk they hold to their customers.

Cyber security incident response planning: Practitioner guidance   Publication

Dec 12, 2024 - ASD defines a cyber security incident as an unwanted or unexpected cyber security event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.

Cloud assessment and authorisation FAQ   Publication

Jan 18, 2024 - This publication provides answers to frequently asked questions on the Australian Signals Directorate (ASD)’s assessment and authorisation framework for cloud service providers (CSPs) and their cloud services.

Exploring memory safety in critical open source projects   Publication

Jun 27, 2024 - This publication follows the December 2023 release of The Case for Memory Safe Roadmaps, which recommended software manufacturers create memory safe roadmaps, including plans to address memory safety in external dependencies, which commonly include open source software (OSS). Today’s publication provides a starting point for these roadmaps by investigating the scale of memory safety risk in selected OSS.

Critical security vulnerabilities affecting Mitel MiCollab version 9.8 SP1 FP2 (9.8.1.201) and earlier   Alert

Dec 9, 2024 - ASD’s ACSC is aware of multiple critical vulnerabilities impacting Mitel MiCollab collaboration applications.

Securing PowerShell in the enterprise   Publication

Oct 6, 2021 - This publication describes a maturity framework for PowerShell, balancing the security and business requirements of organisations. This framework enables organisations to take incremental steps towards securing PowerShell across their environment.

Guidelines for cyber security roles   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cyber security roles.

CVE-2024-24919 - Check Point Security Gateway Information Disclosure   Alert

May 31, 2024 - The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.

Implementing multi-factor authentication   Publication

Nov 27, 2023 - This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.