Skip to main content
Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam

Report

Contact us

Portal login

  • About us

    About us

    Learn about who we are and what we do.

    About us
    • About ASD's ACSC
      • Who we are
      • Alerts and advisories
      • News
      • Reports and statistics
      • Contact us
  • Learn the basics

    Learn the basics

    Interactive tools and advice to boost your online safety.

    Learn cyber security Sign up for alerts
    • Explore the basics
      • Recognise and report scams
      • Set secure passphrases
      • Set up and perform regular backups
      • Turn on multi-factor authentication
      • Update your devices
      • Watch out for threats
      • Small business
      • Seniors
    • View resources
      • Glossary
      • Quiz library
      • Resources library
      • Translated Information
  • Protect yourself

    Protect yourself

    Advice and information about how to protect yourself online.

    Protect yourself Easy steps to secure yourself online Sign up for alerts
    • Securing your accounts
      • Multi-factor authentication
      • Passphrases
      • Passkeys
    • Securing your devices
      • How to secure your devices
      • How to back up your files and devices
      • How to update your device and software
    • Securing your email
      • Email security
    • Staying secure online
      • Connecting with others online
      • Protect yourself from scams
      • Online shopping
      • Connecting to public Wi-Fi and hotspots
      • Secure your Wi-Fi and router
      • Cybersecurity for charities and not-for-profits
    • Resources to protect yourself
      • Protecting your family
      • Personal cyber security guides
  • Threats

    Threats

    Common online security risks and advice on what you can do to protect yourself.

    Threats Report a cybercrime Sign up for alerts
    • Types of threats
      • Account compromise
      • Business email compromise
      • Cryptomining
      • Data breaches
      • Hacking
      • Identity theft
      • Malicious insiders
      • Malware
      • Phishing
      • Quishing
      • Ransomware
      • Scams
      • Social engineering
  • Report and recover

    Report and recover

    Respond to cyber threats and take steps to protect yourself from further harm.

    Report and recover Make a report Sign up for alerts
    • Report
      • Report a cybercrime, incident or vulnerability
      • Cybercrime - getting help
      • Single Reporting Portal
    • How we help during a cybersecurity incident
      • ASD’s role in cybersecurity: For legal practitioners
      • Supporting Australian organisations through a cybersecurity incident
      • Limited Use
    • Recover from
      • Account compromise
      • Business email compromise
      • Data breaches
      • Hacking
      • Identity theft
      • Malware
      • Ransomware
      • Scams
  • Resources for Business and Government

    Resources for business and government

    Resources for business and government agencies on cyber security.

    Resources for business and government Become an ASD partner Alerts and advisories Exercise in a Box
    • Essential cybersecurity
      • Critical Infrastructure
      • Essential Eight
      • Information security manual
      • Protecting your business and employees
      • Publications
      • Small business cyber security
      • Strategies to mitigate cyber security incidents
    • Maintaining devices and systems
      • Operational technology environments
      • ASD's Blueprint for Secure Cloud
      • Cloud security guidance
      • Outsourcing and procurement
      • Remote working and secure mobility
      • System hardening and administration
    • Governance and user education
      • Governance
      • User education
      • Artificial intelligence
      • Incident response
      • Modern defensible architecture
      • Secure by Design
    • Assessment and evaluation programs
      • Australian Information Security Evaluation Program (AISEP)
      • Critical Infrastructure Uplift Program (CI-UP)
      • Emanation Security Program
      • High Assurance Evaluation Program
      • Infosec Registered Assessors Program (IRAP)
      • Essential Eight Assessment Course
  • Contact us
  • Report a cybercrime or cyber security incident
  • Portal login
Australian Cyber
Security Hotline
1300 CYBER1 (1300 292 371)

Search

Filter results by

Content type

  • Advice and guidance
  • Alerts and advisories
  • News and media releases
  • Programs
  • Publications
  • Reports and statistics
  • Threats

Audience

  • Individuals & families
  • Small & medium businesses
  • Organisations & Critical Infrastructure
  • Government

Displaying search results for
Displaying 121 - 150 of 712 results.

Applied filters
Clear all filters

/threats/types-threats/social-engineering

Social engineering   Threat

May 29, 2025 - Social engineering is a significant threat to individuals and organisations, enabling malicious actors to compromise accounts, devices, systems or sensitive information.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/governance-and-user-education/practical-cybersecurity-tips-business-leaders

Practical cybersecurity tips for business leaders   Publication

Jan 17, 2024 - Business leaders can be appealing targets for malicious actors due to the sensitive information they can access, the important people they interact with and the influence they hold. This publication includes a checklist of practical tips business leaders can implement to improve their cybersecurity. The checklist is followed by a brief explanation of each tip and why it is recommended.

Small & medium businesses
Organisations & Critical Infrastructure
/about-us/view-all-content/alerts-and-advisories/identifying-and-mitigating-living-off-the-land-techniques

Identifying and Mitigating Living Off the Land Techniques   Advisory

Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/prc-state-sponsored-actors-compromise-and-maintain-persistent-access-us-critical-infrastructure

PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure   Advisory

Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-monitoring/implementing-siem-and-soar-platforms/implementing-siem-and-soar-platforms-executive-guidance

Implementing SIEM and SOAR platforms: Executive guidance   Publication

May 27, 2025 - This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/governance-and-user-education/secure-by-design/shifting-balance-cybersecurity-risk

Shifting the Balance of Cybersecurity Risk   Publication

Oct 17, 2023 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the following international partners provide the recommendations in this guide as a roadmap for technology manufacturers to ensure security of their products.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/report-and-recover/report/report-a-cyber-security-incident

Report a cyber security incident   Service

If you are reporting fraud or cybercrime, please refer to the ReportCyber – Cybercrime page.

Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-monitoring/windows-event-logging-and-forwarding

Windows event logging and forwarding   Publication

Oct 6, 2021 - This publication has been developed as a guide to the setup and configuration of Microsoft Windows event logging and forwarding.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/threats/types-threats/identity-theft

Identity theft   Threat

Nov 14, 2024 - Learn about how identity theft can affect you and how to keep your personal information secure.

Individuals & families
/about-us/advisories/iranian-government-sponsored-apt-cyber-actors-exploiting-microsoft-exchange-and-fortinet-vulnerabilities-furtherance-malicious-activities

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities   Advisory

Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/small-business-cybersecurity/small-business-cloud-security-guide/small-business-cloud-security-guides-executive-overview

Small Business Cloud Security Guides: Executive Overview   Publication

Dec 16, 2022 - In recognition of the increasing prevalence of cloud computing, the Australian Cyber Security Centre (ACSC) has published the Small business cloud security guides. These guides are designed to provide protection against cybersecurity incidents while remaining accessible to organisations which may not have the resources and expertise to implement a more sophisticated strategy.

Small & medium businesses
/about-us/about-acsc/engagement-request

ASD/ACSC engagement request   Hidden

Jun 8, 2023 - Thank you for your interest in having ASD/ACSC attend or speak at your event. In order for us to identify the most appropriate staff member, we ask that you provide us with some information about your event, the audience and intended outcome of your engagement with ASD/ACSC. Please note we require 8 weeks’ notice to review your request.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/news/joint-cybersecurity-advisory-released-2021s-top-routinely-exploited-vulnerabilities

Joint cybersecurity advisory released on 2021's top routinely exploited vulnerabilities   News

Apr 28, 2022 - Malicious cyber actors are aggressively targeting newly-disclosed and dated critical software vulnerabilities against a broad range of targets, including public and private sector organisations worldwide.

Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/svr-cyber-actors-adapt-tactics-initial-cloud-access

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.

Organisations & Critical Infrastructure
Government
/about-us/news/privacy-awareness-week-2023

Privacy Awareness Week 2023   News

Apr 28, 2023 - The Australian Cyber Security Centre (ACSC) is supporting with the Office of the Australian Information Commissioner (OAIC) to support Privacy Awareness Week.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
/about-us/advisories/advisory-2020-008-copy-paste-compromises-tactics-techniques-and-procedures-used-target-multiple-australian-networks

Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks   Advisory

Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/threats/types-threats/malicious-insiders

Malicious insiders   Threat

Jun 23, 2020 - Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems. It does not include well-meaning staff who accidentally put your cyber security at risk or spill data.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/russian-gru-targeting-western-logistics-entities-and-technology-companies

Russian GRU targeting Western logistics entities and technology companies   Advisory

May 22, 2025 - This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/iot-secure-design-guidance-manufacturers

IoT Secure by Design guidance for manufacturers   Publication

Sep 21, 2023 - This guidance has been produced for manufacturers in order to help them implement thirteen Secure by Design principles.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/small-business-cybersecurity/small-business-cloud-security-guides/small-business-google-chromebook-and-chromeos-security-guide

Small Business Google Chromebook and ChromeOS Security Guide   Guidance

Nov 12, 2024 - This publication was developed by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) with technical input from Chrome Engineering.

Small & medium businesses
Organisations & Critical Infrastructure
/about-us/view-all-content/alerts-and-advisories/stopransomware-bianlian-ransomware-group

#StopRansomware: BianLian Ransomware Group   Advisory

Nov 21, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.

Small & medium businesses
Organisations & Critical Infrastructure
/about-us/view-all-content/alerts-and-advisories/preventing-web-application-access-control-abuse

Preventing Web Application Access Control Abuse   Advisory

Jul 28, 2023 - The Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/web-hardening/secure-your-website

Secure your website   Guidance

Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/advisories/2020-006-detecting-and-mitigating-exploitation-vulnerability-microsoft-internet-information-services

2020-006 Detecting and mitigating exploitation of vulnerability in Microsoft Internet Information Services   Advisory

May 22, 2020 - This advisory provides indicators of the activity the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed and details proactive advice on detecting and mitigating potential exploitation of this vulnerability in Microsoft Internet Information Services.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/essential-eight/essential-eight-assessment-process-guide

Essential Eight assessment process guide   Publication

Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/resources-business-and-government/essential-cybersecurity/small-business-cybersecurity/small-business-cloud-security-guide/technical-example-regular-backups

Small Business Cloud Security Guides: Technical Example - Regular Backups   Publication

Dec 16, 2022 - Implementing regular backups will assist your organisation to recover and maintain its operations in the event of a cybersecurity incident, for example, a ransomware attack.

Small & medium businesses
/about-us/alerts/optus-data-breach

Optus Data Breach   Alert

Sep 30, 2022 - To help protect against fraud, Optus has notified customers to look to reputable sources such as Moneysmart and the Office of the Australian Information Commissioner.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/implementing-multi-factor-authentication

Implementing multi-factor authentication   Publication

Nov 27, 2023 - This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.

Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/alerts-and-advisories/increase-in-denial-of-service-attacks-against-australian-organisations

Increase in denial-of-service (DoS) attacks against Australian organisations   Advisory

Mar 17, 2025 - ASD's ACSC is aware of an increase in denial-of-service (DoS) attacks, where malicious actors flood websites with internet traffic, making it difficult for legitimate users to access them.

Individuals & families
Small & medium businesses
Organisations & Critical Infrastructure
Government
/about-us/view-all-content/news-and-media/new-secure-by-demand-guidance-available-operational-technology-owners-and-operators

New Secure by Demand guidance available for operational technology owners and operators   News

Jan 14, 2025 - To protect your systems from threat actors targeting your operational technology components, select products from manufacturers who are Secure-by-Design. Find out which security elements to prioritise.

Small & medium businesses
Organisations & Critical Infrastructure
Government

Pagination

  • First page « First
  • Previous page ‹‹
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Current page 5
  • Page 6
  • Page 7
  • Page 8
  • Page 9
  • …
  • Next page ››
  • Last page Last »
Report a cybersecurity incident for critical infrastructure
Get alerts on new threats Alert Service
Become an ASD Partner
Report a cybercrime or cybersecurity incident
Acknowledgement of Country Circle
Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities.
We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Australian Cyber Security Hotline 1300 CYBER1 (1300 292 371)
  • Contact us
  • Glossary
  • View all content
  • Copyright
  • Privacy
  • Accessibility
  • Disclaimer
  • Careers
  • Social media terms of use

Popular pages

  • Essential Eight
  • Alerts and advisories
  • Information Security Manual
Authorised by the Australian Government, Canberra