You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 271 - 300 of 661 results.
Gateway security guidance package: Gateway security principles Publication
Jul 29, 2022 - Guidance written for audiences responsible for the procurement, operation and management of gateways.
Contact us Service
Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.
Archived Alerts and Advisories
Jan 23, 2025 - Search archived cyber security alerts and advice
Preparing for and responding to denial-of-service attacks Publication
Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.
New domain name changes could leave your business or organisation at risk Alert
Mar 23, 2022 - The new domain name category, could leave your business or organisation open to fraudulent cyber activity. Register your .au domain name before it becomes available to the general public.
SDBBot targeting health sector Alert
Nov 12, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection Advisory
May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.
Essential Eight assessment process guide Publication
Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.
Are your organisation’s edge devices secure? News
Feb 5, 2025 - New publication series for executives and IT practitioners on how to secure edge devices.
Planning for post-quantum cryptography Publication
Aug 25, 2023 - A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cybersecurity risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.
Protecting industrial control systems Publication
Jul 1, 2018 - Industrial control systems are essential to our daily life. They control the water we drink, the electricity we rely on and the transport that moves us all. It is critical that cyberthreats to industrial control systems are understood and mitigated appropriately to ensure essential services continue to provide for everyone.
Priority logs for SIEM ingestion: Practitioner guidance Publication
May 27, 2025 - This document is again intended for cyber security practitioners and provides detailed, technical guidance on the logs that should be prioritised for SIEM ingestion. It covers log sources including Endpoint Detection and Response tools, Windows/Linux operating systems, and Cloud and Network Devices.
Shop online securely this holiday season News
Nov 8, 2023 - The holiday season is fast approaching and more Australian’s than ever are shopping online. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) are reminding Australians to be cyber secure when shopping online.
MSP Investigation Report Reports and statistics
Dec 21, 2018 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider.
Cloud Services Program page
Feb 24, 2023 - The Cloud Services Certification Program (CSCP) ceased on 2 March 2020. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) ceased the Certified Cloud Services List (CCSL) on 27 July 2020 and concurrently released the Cloud Security Guidance package.
New advice on implementing SIEM/SOAR platforms in your organisation News
May 27, 2025 - ASD has published a publication series about Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms in collaboration with our international partners.
Set up and perform regular backups
Nov 9, 2022 - Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.
Small business
Jun 15, 2023 - Basic steps to protect your business and staff from cyberthreats. Our guide has information and resources to help you and your staff prepare for cyberattacks.
How to secure your devices
Nov 29, 2024 - Protect your sensitive data and accounts. Learn how to secure your devices such as your computer, mobile phone and Internet of Things devices.
The Commonwealth Cyber Security Posture in 2024 Reports and statistics
Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.
Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure Advisory
Sep 6, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.
Guidelines for software development Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on software development.
Essential Eight maturity model Publication
Nov 27, 2023 - This publication provides advice on how to implement the Essential Eight.
Report and recover from ransomware Guidance
Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.
An introduction to securing smart places Publication
Nov 21, 2022 - Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.
Securing customer personal data Guidance
Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.
Small Business Cloud Security Guides: Technical Example - User Application Hardening Publication
Dec 16, 2022 - User application hardening protects an organisation from a range of threats including malicious websites, advertisements running malicious scripts and exploitation of vulnerabilities in unsupported software. These attacks often take legitimate application functionality and use it for malicious purposes. User application hardening makes it harder for cybercriminals to exploit vulnerabilities or at-risk functionality in your organisation’s applications.
Malicious email mitigation strategies Publication
Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.
Cyber supply chain risk management Publication
May 22, 2023 - All organisations should consider cyber supply chain risk management. If a supplier, manufacturer, distributor or retailer (i.e. businesses that constitute a cyber supply chain) are involved in products or services used by an organisation, there will be a cyber supply chain risk originating from those businesses. Likewise, an organisation will transfer any cyber supply chain risk they hold to their customers.
Identifying and Mitigating Living Off the Land Techniques Advisory
Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.
