You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 61 - 80 of 409 results.
New advisory – PRC state-sponsored actors compromise networks worldwide to feed global espionage system News
Aug 28, 2025 - Don’t feed their global espionage systems – read the full advisory for vital insights on threat hunting, indicators of compromise, and mitigation strategies to help your organisation safeguard your networks and assets.
Information Security Registered Assessor Program (IRAP) News
Dec 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is further enhancing cyber security assessment and training, improving cyber skills, and creating new cyber careers for Australians through the Information Security Registered Assessor Program (IRAP).
The silent heist: cybercriminals use information stealer malware to compromise corporate networks Advisory
Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.
Industrial control systems: Remote access protocol Publication
Oct 6, 2021 - External parties may need to connect remotely to critical infrastructure control networks. This access is to allow the manufacturers of equipment used in Australia’s critical infrastructure the ability to maintain the equipment, when a fault is experienced that cannot be fixed in the required timeframe any other method.
The Silent Heist: Cybercriminals use information stealer malware to compromise corporate networks News
Sep 2, 2024 - New advisory released on information stealer malware used in cybercrime attacks.
Active exploitation of vulnerable Sitecore Experience Platform content management systems Alert
Nov 5, 2021 - There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisation should apply the available security update.
Advanced Persistent Threat (APT) actors targeting Australian health sector organisations and COVID-19 essential services Alert
May 8, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware that Advanced Persistent Threat (APT) actors are actively targeting health sector organisations and medical research facilities.
#StopRansomware: Play ransomware Advisory
Jun 5, 2025 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
New guidance for small businesses to protect your devices and accounts News
Jul 9, 2025 - Follow a list of step-by-step actions to help protect your Apple, Google and Microsoft devices and accounts.
#StopRansomware: BianLian Ransomware Group Advisory
Nov 21, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.
#StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability Advisory
Nov 29, 2023 - This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.
Foundations for OT cybersecurity: Asset inventory guidance for owners and operators Publication
Aug 14, 2025 - This guidance outlines how OT owners and operators can create and maintain an asset inventory and OT taxonomy, to protect their most vital assets. It includes steps for defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle management.
Gateway security guidance package: Executive guidance Publication
Jul 29, 2025 - The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.
Australian Information Security Evaluation Program (AISEP) Program
Dec 11, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyber threats. These evaluation activities are certified by the Australian Certification Authority (ACA).
Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks Advisory
Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.
Choosing secure and verifiable technologies: Executive guidance Publication
Dec 5, 2024 - This guide supports senior leaders to enable their organisations to understand their threat environment and make better-informed assessments and decisions to procure secure technologies.
Gateway security guidance package: Gateway operations and management Publication
Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
Copy-paste compromises Alert
Sep 16, 2020 - The Australian Government is aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of tools copied almost identically from open source.
Essential Eight Assessment Guidance Package News
Nov 23, 2022 - The Australian Signals Directorate has published updated guidance to help ensure consistent Essential Eight assessment across government and industry.
Cyber security incident response planning: Practitioner guidance Publication
Dec 12, 2024 - ASD defines a cyber security incident as an unwanted or unexpected cyber security event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.
