Search

ไทย (Thai)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into ไทย.

I-Kiribati (Gilbertese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into I-Kiribati.

Bahasa Melayu (Malay)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Bahasa Melayu.

Faa Samoa (Samoan)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Faa Samoa.

Filipino (Filipino)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Filipino.

Tétum (Tetum)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Tetum.

Faka Tonga (Tongan)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Faka Tonga.

Be Ready - auDA Domain Name Changes   News

Mar 23, 2022 - The new domain name category could leave your business or organisation open to fraudulent cyber activity, such as business email compromise.

Medibank Private Cyber Security Incident   Alert

Dec 1, 2022 - ASD’s Australian Cyber Security Centre is working closely with Medibank Private following the recent incident.

Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks   News

May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Types of scams   Guidance

Learn about the common types of scams, how to identify them and how to recover from them.

ASD's ACSC Annual Cyber Threat report 2020-21   News

Sep 16, 2021 - The Assistant Minister for Defence, The Hon Andrew Hastie MP, released the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) Annual Cyber Threat Report 2020-21.

Planning for post-quantum cryptography   Publication

Aug 25, 2023 - A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cybersecurity risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.

Advisory 2020-009: Recommendations to mitigate APT actors targeting health sector and COVID-19 essential services   Advisory

May 8, 2020 - The ACSC recommends that organisations in the health sector implement the following cyber security mitigations:

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations   Advisory

Sep 15, 2022 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) has joined with international cyber security agency partners to co-author an advisory on continued Iranian state-sponsored cyber threats. Organisations are encouraged to apply the recommended mitigations to protect themselves online.

Small business cybersecurity  

Jul 18, 2023 - How to protect your small business from common cyberthreats.

Business email compromise   Threat

Feb 11, 2023 - Learn about email phishing and what to do if you are scammed out of money, goods or information.

Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors   Advisory

May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.

Cyber supply chain risk management   Publication

May 22, 2023 - All organisations should consider cyber supply chain risk management. If a supplier, manufacturer, distributor or retailer (i.e. businesses that constitute a cyber supply chain) are involved in products or services used by an organisation, there will be a cyber supply chain risk originating from those businesses. Likewise, an organisation will transfer any cyber supply chain risk they hold to their customers.

Online shopping   Guidance

Nov 7, 2023 - Be secure when shopping online.

Protecting against business email compromise   Publication

Oct 6, 2021 - Business email compromise is when malicious actors use email to abuse trust in business processes to scam organisations out of money or goods. Malicious actors can impersonate business representatives using similar names, domains or fraudulent logos as a legitimate organisation or by using compromised email accounts and pretending to be a trusted co-worker.

Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure   Advisory

Sep 6, 2024 - The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.

Secure administration   Publication

Oct 6, 2021 - Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.

Security tips for social media and messaging apps   Publication

Jul 14, 2022 - It's a great way to stay in touch and share content online. This guide covers the risks of using social media and messaging apps and what to look out for. It also covers ways to help keep accounts safe for business and personal use.

Australian Signals Directorate’s Cyber Security Partnership Program   Program page

The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Back to school with cyber secure devices   News

Feb 4, 2022 - As children return to school, Australian parents are urged to make devices like mobile phones and laptop computers more cyber secure and to teach their children about cyber security, with 2022 set to be another year of hybrid learning for most families.

PRC State-Sponsored Cyber Activity   Advisory

Mar 20, 2024 - This fact sheet provides an overview for executive leaders on the urgent risk posed by People’s Republic of
China (PRC) state-sponsored cyber actors known as "Volt Typhoon."

COVID-19 themed malicious cyber activity   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Managed service providers: How to manage risk to customer networks   Publication

Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.