Search

Advisory 2020-017: Resumption of Emotet malware campaign   Advisory

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.

2021 Top Malware Strains   Advisory

Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).

2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0   Advisory

Aug 5, 2021 - The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.

Advisory 2021-002: Active exploitation of vulnerable Microsoft Exchange servers   Advisory

Mar 26, 2021 - On 2 March 2021 Microsoft released information regarding multiple exploits being used to compromise instances of Microsoft Exchange Server. Malicious actors are exploiting these vulnerabilities to compromise Microsoft Exchange servers exposed to the internet, enabling the malicious actor to access email accounts and to enable further compromise of the Exchange server and associated networks.

Protecting Against Cyber Threats to Managed Service Providers and their Customers   Advisory

May 12, 2022 - This advisory describes cybersecurity best practices for information and communications technology (ICT), focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data.

Hardening Microsoft Windows 10 workstations   Publication

Sep 4, 2025 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.

Malicious email mitigation strategies   Publication

Oct 6, 2021 - Socially engineered emails containing malicious attachments and embedded links are routinely used in targeted cyber intrusions against organisations. This publication has been developed to provide mitigation strategies for the security risks posed by these malicious emails.

Secure your email   Guidance

Jul 29, 2024 - How to protect yourself when using email and reduce spam and malicious emails.

Personal cyber security: Advanced steps guide   Guidance

Mar 23, 2023 - The third and final cyber security guide in the personal cyber security series is designed to help everyday Australians understand an advanced level of cyber security and how to take action to protect themselves from cyber threats.

Security considerations for edge devices   Publication

Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.

2023-01: ASD's ACSC Ransomware Profile - Royal   Advisory

Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Multiple vulnerabilities affecting NetScaler ADC and NetScaler Gateway devices   Alert

Aug 27, 2025 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities (CVE-2025-7775, CVE-2025-7776 & CVE-2025-8424) affecting NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) products.

Small business cloud security guides: Executive overview   Publication

Dec 16, 2022 - In recognition of the increasing prevalence of cloud computing, the Australian Cyber Security Centre (ACSC) has published the Small business cloud security guides. These guides are designed to provide protection against cybersecurity incidents while remaining accessible to organisations which may not have the resources and expertise to implement a more sophisticated strategy.

PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure   Advisory

Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

Strategies to mitigate cybersecurity incidents: Mitigation details   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help cybersecurity professionals in all organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Remote access to operational technology environments   Publication

Mar 28, 2023 - Many critical infrastructure providers are moving to support remote working arrangements. In doing so, modifying cybersecurity defences for operational technology environments (OTE) is not a decision that should be taken lightly.

Australian Information Security Evaluation Program (AISEP)   Program

Dec 11, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).

DDoS threats being made against Australian organisations   Alert

May 25, 2020 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a number of Denial of Service (DoS) for ransom threats being made against Australian organisations, primarily in the banking and finance sector.