Skip to main content
Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Report

Contact us

Portal login

  • About us

    About us

    Learn about who we are and what we do.

    About us
    • About ASD's ACSC
      • Who we are
      • Alerts and advisories
      • News
      • Reports and statistics
      • Contact us
  • Learn the basics

    Learn the basics

    Interactive tools and advice to boost your online safety.

    Learn cyber security Sign up for alerts
    • Explore the basics
      • Recognise and report scams
      • Set secure passphrases
      • Set up and perform regular backups
      • Turn on multi-factor authentication
      • Update your devices
      • Watch out for threats
      • Small business
      • Seniors
    • View resources
      • Glossary
      • Quiz library
      • Resources library
      • Translated Information
  • Protect yourself

    Protect yourself

    Advice and information about how to protect yourself online.

    Protect yourself Easy steps to secure yourself online Sign up for alerts
    • Securing your accounts
      • Multi-factor authentication
      • Passphrases
      • Passkeys
    • Securing your devices
      • How to secure your devices
      • How to back up your files and devices
      • How to update your device and software
    • Securing your email
      • Email security
    • Staying secure online
      • Connecting with others online
      • Protect yourself from scams
      • Online shopping
      • Connecting to public Wi-Fi and hotspots
      • Secure your Wi-Fi and router
      • Cybersecurity for charities and not-for-profits
    • Resources to protect yourself
      • Protecting your family
      • Personal cyber security guides
  • Threats

    Threats

    Common online security risks and advice on what you can do to protect yourself.

    Threats Report a cybercrime Sign up for alerts
    • Types of threats
      • Account compromise
      • Business email compromise
      • Cryptomining
      • Data breaches
      • Hacking
      • Identity theft
      • Malicious insiders
      • Malware
      • Phishing
      • Quishing
      • Ransomware
      • Scams
      • Social engineering
  • Report and recover

    Report and recover

    Respond to cyber threats and take steps to protect yourself from further harm.

    Report and recover Make a report Sign up for alerts
    • Report
      • Report a cybercrime, incident or vulnerability
      • Cybercrime - getting help
      • Single Reporting Portal
    • How we help during a cybersecurity incident
      • ASD’s role in cybersecurity: For legal practitioners
      • Supporting Australian organisations through a cybersecurity incident
      • Limited Use
    • Recover from
      • Account compromise
      • Business email compromise
      • Data breaches
      • Hacking
      • Identity theft
      • Malware
      • Ransomware
      • Scams
  • Resources for Business and Government

    Resources for business and government

    Resources for business and government agencies on cyber security.

    Resources for business and government Become an ASD partner Alerts and advisories Exercise in a Box
    • Essential cybersecurity
      • Critical Infrastructure
      • Essential Eight
      • Information security manual
      • Protecting your business and employees
      • Publications
      • Small business cyber security
      • Strategies to mitigate cyber security incidents
    • Maintaining devices and systems
      • Operational technology environments
      • ASD's Blueprint for Secure Cloud
      • Cloud security guidance
      • Outsourcing and procurement
      • Remote working and secure mobility
      • System hardening and administration
    • Governance and user education
      • Governance
      • User education
      • Artificial intelligence
      • Incident response
      • Modern defensible architecture
      • Secure by Design
    • Assessment and evaluation programs
      • Australian Information Security Evaluation Program (AISEP)
      • Critical Infrastructure Uplift Program (CI-UP)
      • Emanation Security Program
      • High Assurance Evaluation Program
      • Infosec Registered Assessors Program (IRAP)
      • Essential Eight Assessment Course
  • Contact us
  • Report a cybercrime or cyber security incident
  • Portal login
Australian Cyber
Security Hotline
1300 CYBER1 (1300 292 371)

Search

Filter results by

Content type

  • Advice and guidance
  • Alerts and advisories
  • News and media releases
  • Programs
  • Publications
  • Reports and statistics
  • Threats

Audience

  • Individuals & families
  • Small & medium businesses
  • Organisations & Critical Infrastructure
  • Government

Displaying search results for
Displaying 91 - 120 of 712 results.

Applied filters
Clear all filters

/about-us/advisories/2023-03-asdacsc-ransomware-profile-lockbit-3.0

2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0   Advisory

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-guidelines/guidelines-personnel-security

Guidelines for personnel security   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on personnel security.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/governance-and-user-education/secure-by-design/case-memory-safe-roadmaps

The Case for Memory Safe Roadmaps   Publication

Dec 7, 2023 - This guidance provides manufacturers with steps to create memory safe roadmaps and implement changes to eliminate memory safety vulnerabilities from their products.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-terminology

Cybersecurity terminology   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/remote-working-and-secure-mobility/remote-working/using-remote-desktop-clients

Using remote desktop clients   Publication

Oct 6, 2021 - Remote access solutions are increasingly being used to access organisations’ systems and data. One common method of enabling remote access is to use a remote desktop client. This publication provides guidance on security risks associated with the use of remote desktop clients.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-principles

Cybersecurity principles   Advice

Jul 3, 2025 - Follow the Information security manual (ISM)'s cybersecurity principles to protect information technology and operational technology systems, applications and data from cyberthreats.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/governance-and-user-education/secure-by-design/safe-software-deployment-how-software-manufacturers-can-ensure-reliability-for-customers

Safe Software Deployment   Publication

Oct 25, 2024 - It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/legacy-it-management/end-support-microsoft-windows-and-microsoft-windows-server

End of support for Microsoft Windows and Microsoft Windows Server   Publication

Mar 20, 2024 - Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-administration/securing-powershell-enterprise

Securing PowerShell in the enterprise   Publication

Oct 6, 2021 - This publication describes a maturity framework for PowerShell, balancing the security and business requirements of organisations. This framework enables organisations to take incremental steps towards securing PowerShell across their environment.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/network-hardening/securing-edge-devices/mitigation-strategies-edge-devices-practitioner-guidance

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/about-asd-acsc/contact-us

Contact us  

Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/outsourcing-and-procurement/cyber-supply-chains/choosing-secure-and-verifiable-technologies

Choosing secure and verifiable technologies   Publication

Dec 5, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/2023-01-asdacsc-ransomware-profile-royal

2023-01: ASD's ACSC Ransomware Profile - Royal   Advisory

Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/reports-and-statistics/commonwealth-cyber-security-posture-2024

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cybersecurity measures implemented across the Australian Government for the 2023–24 financial year.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/essential-eight/essential-eight-maturity-model-faq

Essential Eight maturity model FAQ   Publication

Oct 28, 2024 - This publication provides answers to frequency asked questions on how to implement the Essential Eight.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/strategies-mitigate-cybersecurity-incidents/strategies-mitigate-cybersecurity-incidents-mitigation-details

Strategies to mitigate cybersecurity incidents: Mitigation details   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help cybersecurity professionals in all organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-administration/secure-administration

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/detecting-and-mitigating-active-directory-compromises

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-guidelines/guidelines-database-systems

Guidelines for database systems   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on database systems.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/small-business-cybersecurity/securing-customer-personal-data

Securing customer personal data   Guidance

Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.

Small & medium businesses
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/cross-domain-solutions/fundamentals-cross-domain-solutions

Fundamentals of Cross Domain Solutions   Publication

Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/network-hardening/securing-edge-devices/mitigating-strategies-edge-devices-executive-guidance

Mitigation strategies for edge devices: Executive guidance   Publication

Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/enhanced-visibility-and-hardening-guidance-communications-infrastructure

Enhanced visibility and hardening guidance for communications infrastructure   Advisory

Dec 4, 2024 - This guide provides network engineers and defenders of communications infrastructure with best practices to strengthen their visibility and harden their network devices against successful exploitation carried out by PRC-affiliated and other malicious cyber actors.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/network-hardening/securing-edge-devices/security-considerations-edge-devices

Security considerations for edge devices   Publication

Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/governance-and-user-education/secure-by-design/secure-demand-priority-considerations-operational-technology-owners-and-operators-when-selecting-digital-products

Secure by Demand   Publication

Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-guidelines/guidelines-media

Guidelines for media   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on media.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/outsourcing-and-procurement/cyber-supply-chains/choosing-secure-and-verifiable-technologies-executive-guidance

Choosing secure and verifiable technologies: Executive guidance   Publication

Dec 5, 2024 - This guide supports senior leaders to enable their organisations to understand their threat environment and make better-informed assessments and decisions to procure secure technologies.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/remote-working-and-secure-mobility/secure-mobility/risk-management-enterprise-mobility-including-bring-your-own-device

Risk management of enterprise mobility (including Bring Your Own Device)   Publication

Oct 6, 2021 - This publication has been developed to provide senior business representatives with a list of enterprise mobility considerations. These include business cases, regulatory obligations and legislation, available budget and personnel resources, and risk tolerance. Additionally, risk management controls are provided for cybersecurity practitioners.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/advisory-2020-009-recommendations-mitigate-apt-actors-targeting-health-sector-and-covid-19-essential-services

Advisory 2020-009: Recommendations to mitigate APT actors targeting health sector and COVID-19 essential services   Advisory

May 8, 2020 - The ACSC recommends that organisations in the health sector implement the following cyber security mitigations:

Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/ism/cybersecurity-guidelines/guidelines-physical-security

Guidelines for physical security   Advice

Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on physical security.

Organisations & Critical Infrastructure
Government

Pagination

  • First page « First
  • Previous page ‹‹
  • Page 1
  • Page 2
  • Page 3
  • Current page 4
  • Page 5
  • Page 6
  • Page 7
  • Page 8
  • Page 9
  • …
  • Next page ››
  • Last page Last »
Report a cybersecurity incident for critical infrastructure
Get alerts on new threats Alert Service
Become an ASD Partner
Report a cybercrime or cybersecurity incident
Acknowledgement of Country Circle
Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities.
We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371)
  • Contact us
  • Glossary
  • View all content
  • Copyright
  • Privacy
  • Accessibility
  • Disclaimer
  • Careers
  • Social media terms of use

Popular pages

  • Essential Eight
  • Alerts and advisories
  • Information Security Manual
Authorised by the Australian Government, Canberra