You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for "reduce spam" Displaying 421 - 450 of 715 results.
Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457) Alert
Apr 4, 2025 - Ivanti have released information regarding active exploitation of a critical vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457). ASD’s ACSC recommends customers follow the advice contained in Ivanti’s Security Advisory and assess their environments for malicious activity.
Small Business Cloud Security Guides: Technical Example - Application Control Publication
Dec 16, 2022 - Application control restricts the ability of an application to run or install on a device. Application control makes it harder for users to intentionally or unintentionally install unwanted or malicious software.
Updates to ASD’s Blueprint for Secure Cloud News
Mar 18, 2025 - We have updated the Blueprint to reflect recent changes to Microsoft Purview.
Next.js authentication bypass vulnerability (CVE-2025-29927) Alert
Mar 25, 2025 - An authentication bypass in the middleware layer of Next.js can allow a remote attacker to bypass security checks. Customers should update to the patched version immediately.
Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes Alert
Mar 26, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes. Customers should update to the latest patched version immediately.
Business Continuity in a Box Guidance
Aug 21, 2024 - Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cybersecurity incident that has affected the availability or trust of existing systems.
Ransomware Threat
Read through the following case studies and learn from other Australians about how ransomware has affected them.
Further cyber sanctions in response to Medibank Private cyberattack News
Feb 12, 2025 - Today Australia has imposed targeted financial and travel sanctions on a cyber infrastructure entity – ZServers – and five of its Russian employees for their roles in providing infrastructure to host and disseminate data stolen from Medibank Private in 2022.
New zero trust guidance – seeking industry feedback News
Feb 10, 2025 - Have your say on new Foundations for modern defensible architectures, including zero trust and secure-by-design principles.
Are your organisation’s edge devices secure? News
Feb 5, 2025 - New publication series for executives and IT practitioners on how to secure edge devices.
"Bulletproof" hosting providers are not so bulletproof News
Jan 22, 2025 - Many cybercriminals rely on Bulletproof Hosting (BPH) providers to carry out their unlawful activities. Read our new publication to find out more about the role that BPH providers play in the cybercrime ecosystem.
Guidelines for cybersecurity roles Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity roles.
Cybersecurity guidelines
Jun 13, 2024 - Practical guidance on how an organisation can protect their information technology and operational technology systems, applications and data from cyberthreats.
Using Content Credentials to help mitigate cyber threats associated with generative AI News
Jan 30, 2025 - With advanced AI tools, digital media can be created or modified convincingly with minimal effort and cost. Learn more about media provenance solutions to help end users verify the integrity of your organisation’s content.
Become an ASD partner Hub item
Register your interest in the Australian Signals Directorate’s Cyber Security Partnership Program and provide information about yourself and your organisation.
Modern defensible architecture Publication
Feb 10, 2025 - Modern defensible architecture is the first step in Australian Signals Directorate (ASD)’s Australian Cyber Security Centre (ACSC)’s push to ensure that secure architecture and design are being considered and applied by organisations in their cyber security and resilience planning.
FortiOS & FortiProxy - Authentication bypass in Node.js websocket module vulnerability Alert
Jan 15, 2025 - Fortinet has released information regarding an identified vulnerability in FortiOS version 7.0 and FortiProxy versions 7.0 and 7.2 instances. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s notification.
Limited use obligation is now law News
Dec 10, 2024 - On 29 November 2024, the Intelligence Services and Other Legislation Amendment (Cyber Security) Act 2024 became law.
Critical security vulnerability affecting Apache Struts2 below 6.4.0. Alert
Dec 13, 2024 - ASD’s ACSC is aware of a critical vulnerability impacting Apache Struts2 below 6.4.0 (CVE-2024-53677).
Vulnerability in Fortinet’s FortiManager Alert
Oct 24, 2024 - The ASD’s ACSC is aware of a vulnerability affecting all versions of Fortinet's FortiManager device that enables an unauthorised actor access to the FortiManager console (CVE-2024-47575). FortiManager devices provide centralised management of Fortinet devices from a single console.
Introduction of legislative change for Limited Use obligation News
Oct 31, 2024 - On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).
Cyber Security Awareness Month 2024 News
Oct 1, 2024 - October is Cyber Security Awareness Month, a time for all Australians to talk about cyber security and take action to protect their devices and accounts.
Cyber Security for Operational Technology News
Oct 2, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has released new guidance to help critical infrastructure protect their systems and online supply chains.
Australian Signals Directorate releases the annual Cyber Threat Report for 2023–24 News
Nov 20, 2024 - ASD’s Cyber Threat Report 2023–24 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.
Critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance) Alert
Sep 20, 2024 - Ivanti has released a security advisory addressing a critical vulnerability affecting Ivanti CSA 4.6 (Cloud Services Appliance). The vulnerability affects Ivanti CSA 4.6 before Patch 519.
New guidance for software and service manufacturers deploying system updates News
Oct 25, 2024 - Implementing a safe software deployment program is vital for maintaining customer trust.
Iranian-based cyber actors compromising critical infrastructure networks News
Oct 17, 2024 - Iran-based cyber actors are using brute force attacks such as password spraying to compromise critical infrastructure networks.
Australian Signals Directorate’s Cyber Security Partnership Program Program page
The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
Partner hub Hub item
The Australian Signals Directorate’s Australian Cyber Security (ASD’s ACSC) Partnership Program enables Australian organisations and individuals to engage with the ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.
IRAP Assessors List Program page
May 7, 2024 - ASD's IRAP endorses qualified security professionals to provide information security services.