You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 421 - 450 of 728 results.
Français (French) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Français.
Technical example: Patch operating systems Publication
Dec 16, 2022 - Patching operating systems is one of the most effective controls an organisation can implement to prevent an adversary from gaining access to their devices and sensitive information. Patches improve the security of operating systems by fixing known vulnerabilities.
Gateway security guidance package: Overview Publication
Jul 29, 2025 - This page provides an overview of ASD’s Gateway security guidance package.
Critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products Alert
Jul 4, 2025 - The ASD's ACSC is aware of critical vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway Products (CVE-2025-5349, CVE-2025-5777).
Australian Information Security Evaluation Program (AISEP) Program page
Jul 2, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).
Small business cloud security guides
Apr 2, 2024 - ASD's ACSC has released a series of guides designed to help small businesses secure their cloud environment.
Reports and statistics
Nov 3, 2022 - Find the latest cyber security reports and statistics
New joint advice on artificial intelligence data security News
May 23, 2025 - Learn about significant data security risks and best practices for securing data throughout the artificial intelligence (AI) system lifecycle.
Russian GRU targeting Western logistics entities and technology companies News
May 22, 2025 - We have released a joint advisory outlining the tactics, techniques and procedures of a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.
ລາວ (Lao) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Lao.
မြန်မာ (Burmese) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Burmese.
ភាសាខ្មែរ (Khmer) Guidance
Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Khmer.
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM) Alert
May 14, 2025 - The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) is aware of two vulnerabilities, one medium and one high severity, in Ivanti Endpoint Manager Mobile (EPMM). The ASD’s ACSC recommends organisations patch to the latest version of Ivanti EPMM, available through Ivanti’s download portal, and investigate whether their systems have been compromised.
Technical example: Application control Publication
Dec 16, 2022 - Application control restricts the ability of an application to run or install on a device. Application control makes it harder for users to intentionally or unintentionally install unwanted or malicious software.
New advice on implementing SIEM/SOAR platforms in your organisation News
May 27, 2025 - ASD has published a publication series about Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms in collaboration with our international partners.
Ransomware Threat
Read through the following case studies and learn from other Australians about how ransomware has affected them.
Business Continuity in a Box Guidance
Aug 21, 2024 - Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cybersecurity incident that has affected the availability or trust of existing systems.
Malicious cyber actors using spyware to target individuals’ personal data News
Apr 9, 2025 - New joint advisory on BADBAZAAR and MOONSHINE spyware.
Exploitation of existing Fortinet Vulnerabilities Alert
Apr 11, 2025 - Fortinet has released information regarding exploitation of previously known vulnerabilities affecting Fortinet devices. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s advisory page.
Are you protected against ‘fast flux’? News
Apr 4, 2025 - Bulletproof Hosting Providers are using ‘fast flux’ to cycle quickly through bots and DNS records to bypass detection by network defenders and law enforcement agencies.
Consider your cyber hygiene in light of global events News
Jul 1, 2025 - Around the world, geopolitical tensions remain complex as nations navigate diplomatic, economic, and military challenges. ASD’s ACSC recommends that organisations continue to review their current cyber security posture and maintain sufficient monitoring for cyber threats.
Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457) Alert
Apr 4, 2025 - Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457). ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.
Updates to ASD’s Blueprint for Secure Cloud News
Mar 18, 2025 - We have updated the Blueprint to reflect recent changes to Microsoft Purview.
Convoluted layers: An artificial intelligence primer Publication
May 21, 2025 - Rapid advances in artificial intelligence (AI), along with public releases of AI products, have prompted governments, businesses and criminals to accelerate efforts to incorporate this new technology into their operations. This advice provides definitions for some of the most commonly encountered AI terms in cybersecurity and a brief typology of cyber threats that will arise from AI.
Next.js authentication bypass vulnerability (CVE-2025-29927) Alert
Mar 25, 2025 - An authentication bypass in the middleware layer of Next.js can allow a remote attacker to bypass security checks. Customers should update to the patched version immediately.
Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes Alert
Mar 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes. Customers should update to the latest patched version immediately.
Cybersecurity guidelines
Jun 13, 2024 - Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyberthreats.
Further cyber sanctions in response to Medibank Private cyberattack News
Feb 12, 2025 - Today Australia has imposed targeted financial and travel sanctions on a cyber infrastructure entity – ZServers – and five of its Russian employees for their roles in providing infrastructure to host and disseminate data stolen from Medibank Private in 2022.
Using the information security manual Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.
New zero trust guidance – seeking industry feedback News
Feb 10, 2025 - Have your say on new Foundations for modern defensible architectures, including zero trust and secure-by-design principles.
