Search

Ελληνικά (Greek)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Greek.

ਪੰਜਾਬੀ (Punjabi)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Punjabi.

ไทย (Thai)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into ไทย.

Français (French)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Français.

I-Kiribati (Gilbertese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into I-Kiribati.

Bahasa Melayu (Malay)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Bahasa Melayu.

Faa Samoa (Samoan)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Faa Samoa.

Filipino (Filipino)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Filipino.

Tétum (Tetum)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Tetum.

Faka Tonga (Tongan)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Faka Tonga.

ASD Cyber Threat Report 2022-2023   Reports and statistics

Nov 14, 2023 - The ASD's Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyberthreats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online

Data breaches   Threat

Aug 30, 2023 - Sometimes personal information is released to unauthorised people by accident or as the result of a security breach. For example, an email with personal information can be sent to the wrong person, or a computer system can be hacked and personal information stolen. These are known as data breaches or data spills.

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

Implementing certificates, TLS, HTTPS and opportunistic TLS   Publication

Oct 6, 2021 - Transport Layer Security (TLS) is a widely used encryption protocol which enables parties to communicate securely over the internet. Through the use of certificates and Public Key Infrastructure (PKI), parties can identify each other through a trusted intermediary and establish encrypted tunnels for the secure transfer of information.

Guidelines for cybersecurity documentation   Advice

Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.

Guidelines for secure AI system development   Publication

Nov 27, 2023 - This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. This document is aimed primarily at providers of AI systems who are using models hosted by an organisation, or are using external application programming interfaces (APIs).

Report and recover from identity theft   Guidance

Nov 14, 2024 - Know where to make a report and get help if someone has stolen your personal or business identity.

2021 Trends Show Increased Globalized Threat of Ransomware   Advisory

Feb 10, 2022 - This joint Cybersecurity Advisory—authored by cybersecurity authorities in the United States, Australia, and the United Kingdom—provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.

Preventing Web Application Access Control Abuse   Advisory

Jul 28, 2023 - The Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.

Risk management of enterprise mobility (including Bring Your Own Device)   Publication

Oct 6, 2021 - This publication has been developed to provide senior business representatives with a list of enterprise mobility considerations. These include business cases, regulatory obligations and legislation, available budget and personnel resources, and risk tolerance. Additionally, risk management controls are provided for cybersecurity practitioners.

2023 top routinely exploited vulnerabilities   Advisory

Nov 13, 2024 - This advisory provides details, collected and compiled by the authoring agencies, on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2023 and their associated Common Weakness Enumerations (CWEs). Malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks in 2023 compared to 2022, allowing them to conduct operations against high priority targets.
The authoring agencies strongly encourage vendors, designers, developers, and end-user organizations to implement the following recommendations, and those found within the Mitigations section of this advisory, to reduce the risk of compromise by malicious cyber actors.

Strategies to mitigate cybersecurity incidents: Mitigation details   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help cybersecurity professionals in all organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Identity theft   Threat

Nov 14, 2024 - Learn about how identity theft can affect you and how to keep your personal information secure.

Identifying and Mitigating Living Off the Land Techniques   Advisory

Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.

Online shopping   Guidance

Nov 7, 2023 - Be secure when shopping online.

Small business cybersecurity guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyberthreats.

Secure your website   Guidance

Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.

Security tips for remote working   Guidance

Jul 29, 2024 - As an employee, you may be more at risk when working away from the office. Learn how to stay secure while working from home or remotely.

Essential Eight assessment process guide   Publication

Oct 2, 2024 - This publication provides advice on how to assess the implementation of the Essential Eight.

2022 Top Routinely Exploited Vulnerabilities   Advisory

Aug 4, 2023 - This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).