Search

PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure   Advisory

Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

Hunting Russian Intelligence “Snake” Malware   Advisory

May 10, 2023 - This Cybersecurity Advisory (CSA) provides background on Snake’s attribution to the FSB and detailed technical descriptions of the implant’s host architecture and network communications.

How to back up your files and devices   Guidance

Nov 12, 2024 - Important data such as your photos, documents and financial records can be lost in an instant, so back it up regularly before it's too late.

Marketing and filtering email service providers   Publication

Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities   Advisory

Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.

Recognise and report scams  

Feb 1, 2023 - Scams are a common way that cybercriminals compromise accounts. Being alert to scam messages is a great way to protect yourself online.

How to combat fake emails   Publication

Oct 6, 2021 - Organisations can reduce the likelihood of their domains being used to support fake emails by implementing Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records in their Domain Name System (DNS) configuration. Using DMARC with DomainKeys Identified Mail (DKIM) to sign emails provides further safety against fake emails. Likewise, organisations can better protect their users against fake emails by ensuring their email systems use and apply SPF, DKIM and DMARC policies on inbound email.

Choosing secure and verifiable technologies: Executive guidance   Publication

Dec 5, 2024 - This guide supports senior leaders to enable their organisations to understand their threat environment and make better-informed assessments and decisions to procure secure technologies.

While you are shopping   Guidance

The best way to avoid being a victim of cybercrime is to be informed. It is really important to know how to secure your device and recognise a fake website or scammer.

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

Threat update: COVID-19 malicious cyber activity 20 April 2020   Advisory

Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

Ransomware   Threat

Read through the following case studies and learn from other Australians about how ransomware has affected them.

The silent heist: cybercriminals use information stealer malware to compromise corporate networks   Advisory

Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.

日本語 (Japanese)   Guidance

Apr 19, 2024 - The information and resources available are intended to increase your safety online and have been translated into Japanese.

हिंदी (Hindi)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Hindi.

Hrvatski (Croatian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Croation.

Bahasa Indonesia (Indonesian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Indonesian.

македонски (Macedonian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Macedonian.

Malti (Maltese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Maltese.

中文简体 (Simplified Chinese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Chinese Simplified.

Tiếng Việt (Vietnamese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Vietnamese.

Italiano (Italian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Italian.

한국어 (Korean)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Korean.

Español (Spanish)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Spanish.

中文繁體 (Traditional Chinese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Chinese Traditional.

العربية (Arabic)    Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Arabic.