You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 601 - 630 of 718 results.
SonicWall Breach Alert
Feb 4, 2021 - SonicWall identified an internal systems breach using a zero-day vulnerability within the SMA 100 series 10.x code.
Act now to defend against vicious cybercriminals News
Jul 20, 2021 - Cybercriminals are targeting Australians at an unprecedented level to steal sensitive information and money, including through business email compromise and ransomware attacks.
Remote Code Execution Vulnerability In Cisco Unified Communications Products Alert
Jan 26, 2024 - ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253). Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.
Report and recover from ransomware Guidance
Jul 14, 2023 - Learn where to get help from a ransomware attack, and steps to protect yourself against future incidents.
Recovering a compromised online account Guidance
Nov 10, 2023 - Online accounts are important for our day-to-day activities and often store sensitive information about us. This can make them useful for cybercriminals looking to gain access to our resources or identities.
Essential Eight maturity model changes Publication
Nov 27, 2023 - This publication provides an overview of the changes for the November 2023 release.
Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway products Alert
Jan 18, 2024 - ASD’s ACSC is aware of multiple vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in Citrix NetScaler products (NetScaler ADC and NetScaler Gateway). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities Advisory
Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.
BADBAZAAR and MOONSHINE: Technical analysis and mitigations Advisory
Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.
Potential SolarWinds Orion compromise Alert
Jan 25, 2021 - FireEye identifies global campaign leveraging malicious updates to SolarWinds software.
Cyber skills framework Publication
Sep 10, 2020 - The Cyber Skills Framework enables targeted recruitment of cyber specialists, provides a development pathway for current and future cyber staff, and aligns skills, knowledge and attributes with national and international industry standards.
2021-010: ASD's ACSC Ransomware Profile - Conti Advisory
Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.
Critical vulnerability identified in Apple iOS and macOS Alert
Feb 12, 2022 - A Remote Code Execution vulnerability has been identified in certain versions of Apple WebKit, affecting iOS and macOS devices. Affected users of these devices should update their devices as soon as possible.
Increased Global Ransomware Threats Alert
Feb 10, 2022 - In 2021, cybersecurity authorities in the United States, Australia, and the United Kingdom observed an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organizations globally.
Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Alert
Jul 25, 2023 - This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.
Using Content Credentials to help mitigate cyber threats associated with generative AI News
Jan 30, 2025 - With advanced AI tools, digital media can be created or modified convincingly with minimal effort and cost. Learn more about media provenance solutions to help end users verify the integrity of your organisation’s content.
Recovering compromised bank accounts and online payment accounts Guidance
Nov 10, 2023 - Bank accounts are among the most important accounts to us and the most prized accounts to cybercriminals.
How to update your device and software Guidance
Jul 30, 2024 - Cybercriminals are always looking for easy paths to get onto your device. Updating your device and software is the easiest way reduce the risk of being a victim of cybercrime.
Iranian Government-Sponsored APT Cyber Actors Alert
Nov 17, 2021 - FBI and CISA have observed an Iranian government-sponsored APT group that are exploiting vulnerabilities to gain access to systems. The APT group has exploited the same Microsoft Exchange vulnerability in Australia.
Critical remote code execution vulnerability found in the Log4j library Alert
Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.
2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) Advisory
Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.
Resources library
Jun 18, 2025 - Resources for individuals, families and small businesses
Critical Infrastructure Uplift Program (CI-UP) Program page
Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.
Protect yourself and others from MyGov-related scams Advisory
Jul 16, 2020 - The Australian Taxation Office (ATO) is receiving increased reports of myGov-related SMS and email scams. As always, our advice is DON’T click any links and DON’T provide the information requested.
New guidance on detecting and mitigating Active Directory compromises News
Sep 26, 2024 - Does your organisation use Microsoft’s Active Directory? Read our latest guidance on Active Directory compromises now.
Widespread outages relating to CrowdStrike software update Alert
Jul 21, 2024 - A CrowdStrike software update has led to outages impacting Windows systems.
Launch of the Annual Threat Report News
Nov 4, 2022 - The Annual Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
Australia’s second ever cyber sanction imposed News
May 8, 2024 - Today the Australian Government, along with our international partners, has imposed a targeted financial sanction and travel ban on Russian citizen Dmitriy Khoroshev, for his leadership role in the notorious LockBit ransomware group.
Multiple vulnerabilities in Jenkins products Alert
Jan 30, 2024 - ASD’s ACSC is aware of multiple vulnerabilities impacting Jenkins products including CVE 2024-23897 (Critical) & CVE-2024-23898 (High). Organisations using Jenkins products are strongly advised to follow the mitigation advice provided by Jenkins and patch affected versions.
Preventing business email compromise Guidance
Apr 11, 2023 - There are many easy steps and actions you can take now to protect your business. Learn about the simple, cost-effective and immediately beneficial protective measures you can implement.
