Search

#StopRansomware: BianLian Ransomware Group   Advisory

Nov 21, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.

Further cyber sanctions in response to Medibank Private cyberattack   News

Feb 12, 2025 - Today Australia has imposed targeted financial and travel sanctions on a cyber infrastructure entity – ZServers – and five of its Russian employees for their roles in providing infrastructure to host and disseminate data stolen from Medibank Private in 2022.

Cloud assessment and authorisation FAQ   Publication

Jan 18, 2024 - This publication provides answers to frequently asked questions on the Australian Signals Directorate (ASD)’s assessment and authorisation framework for cloud service providers (CSPs) and their cloud services.

How the ASD's ACSC can help during a cyber security incident   News

Sep 11, 2023 - The Australian Signal’s Directorate’s Australian Cyber Security Centre’s (ASD's ACSC) incident management capabilities provide technical advice and assistance to support Australian organisations through a cyber security incident response.

Cyber resources for small businesses   News

Feb 11, 2022 - Last December, the Council of Small Business Organisations Australia (COSBOA) co-hosted an Act Now, Stay Secure breakfast at the National Portrait Gallery, along with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the Department of Home Affairs.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

COVID-19 themed malicious cyber activity   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Australia joins US and UK to warn of 2021 Ransomware trends   News

Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.

Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released   Alert

Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).

Safer Internet Day 2021   News

Feb 9, 2021 - Safer Internet Day on 9 February 2021 aims to raise awareness of emerging online issues and share strategies everyone can use for staying secure online.

IRAP resources   Program page

Jun 16, 2025 - IRAP resources

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways   Advisory

Feb 28, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC), and the UK’s National Cyber Security Centre (NCSC), are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-46805, CVE-2024-21887, CVE-2024-22024, and CVE-2024-21893—multiple vulnerabilities affecting Ivanti Connect Secure and Ivanti Policy Secure gateways.

Head of ACSC talks cyber security with Natarsha Belling in podcast special   News

Nov 29, 2021 - Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.

Protect yourself from remote access scams   Advisory

Nov 4, 2020 - NEVER provide your personal and financial details or give a stranger remote access to your device or computer – simply hang up.

#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability   Advisory

Nov 29, 2023 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.

Shop online securely this holiday season   News

Nov 8, 2023 - The holiday season is fast approaching and more Australian’s than ever are shopping online. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) are reminding Australians to be cyber secure when shopping online.

If things go wrong   Guidance

If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Securing Customer Personal Data for Small to Medium Businesses   News

Nov 17, 2023 - As data breaches increasingly impact Australian businesses and their customers, it’s crucial for businesses to improve their data security practices and ensure their customers’ personal data is handled appropriately.

The ASD's ACSC On-Call 24/7   News

Nov 25, 2021 - All Australians now have greater access to cyber security help and advice through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) enhanced national Cyber Security Hotline - 1300 CYBER1.

Content Credentials: Strengthening Multimedia Integrity in the Generative AI Era   Publication

Jan 30, 2025 - This cybersecurity information sheet discusses how Content Credentials (especially Durable ones) can be valuable to protect the provenance of media, raises awareness of the state of this solution, provides recommended practices to ensure the preservation of provenance, and discusses the importance of widespread adoption across the information ecosystem.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Guidelines for cybersecurity documentation   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.

Vulnerability in Ivanti Endpoint Manager Mobile (EPMM)   Alert

Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.

Safe Software Deployment   Publication

Oct 25, 2024 - It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.

Mitigation strategies for edge devices: Executive guidance   Publication

Feb 4, 2025 - This publication provides a high-level summary of ASD’s existing guidance to manage and secure edge devices effectively. It is intended for executives in large organisations and critical infrastructure providers that are responsible for the deployment, operation, security, and maintenance of enterprise networks. ASD is soon to release a comprehensive technical publication on mitigation strategies for edge devices for practitioners.

Protect yourself online: A guide to cybersecurity for young people   Guidance

May 2, 2024 - The steps in this guide can help you navigate the online world with confidence.

Managed service providers: How to manage risk to customer networks   Publication

Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.

Spotting scams   Guidance

Learn how to identify phishing messages to stay safe and protect your personal information.

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.