You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 121 - 140 of 492 results.
Joint Cybersecurity Guide to increase cyber security of products globally News
Apr 14, 2023 - This guide provides a roadmap for technology manufacturers to ensure security of their products.
Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released Alert
Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).
Australia joins US and UK to warn of 2021 Ransomware trends News
Feb 10, 2022 - Ransomware continues to be a global threat, and cybercriminals using ransomware pose a significant risk to Australian organisations and households.
Critical vulnerability present in certain versions of Apple iOS and iPadOS Alert
Oct 13, 2021 - A vulnerability has been identified in certain Apple products which could allow an actor to install malware or perform other actions on a vulnerable device.
Remote code execution vulnerability present in certain versions of Atlassian Confluence Alert
Sep 1, 2021 - A vulnerability exists in certain self-hosted versions of Atlassian Confluence which could allow a malicious cyber actor to execute arbitrary code. Affected organisations should apply the available patch to mitigate this vulnerability.
Advisory 2021-004: Active exploitation of ForgeRock Access Manager / OpenAM servers Advisory
Jul 9, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified targeting and compromise of Australian organisations with vulnerable internet-accessible servers running ForgeRock Access Manager (ForgeRock AM). ForgeRock AM was previously known as OpenAM. The ASD's ACSC has observed malicious actors exploiting the vulnerability in ForgeRock AM/OpenAM to gain initial access to networks in multiple organisations, and facilitate further access within these networks. On 7 July 2021 the ASD's ACSC alerted organisations that this vulnerability was being actively exploited. This ASD's ACSC advisory provides recommendations for securing ForgeRock AM against vulnerability CVE-2021-35464, and advice on identifying potential successful exploitation of this vulnerability.
Increasing reports of myGov-related SMS and email scams targeting Australians Alert
Jul 16, 2020 - Be on the lookout for myGov-related SMS and email scams asking you to verify your myGov details.
Cyber incident affecting the handling of Security Sensitive Biological Agents
CISA, FBI, NSA, and international partners issue advisory on demonstrated threats and capabilities of Russian state-sponsored and cyber criminal actors News
Apr 22, 2022 - Since Russia’s invasion of Ukraine in February, the risk of malicious cyber operations by Russian state-sponsored and criminal cyber actors has increased. The threats to critical infrastructure could impact organisations both within and beyond Ukraine.
Head of ACSC talks cyber security with Natarsha Belling in podcast special News
Nov 29, 2021 - Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.
Critical vulnerabilities present in certain versions of Apple iOS, macOS and Safari Alert
Sep 14, 2021 - Vulnerabilities have been identified in certain versions of Apple iOS, macOS and Safari which could allow an actor to install malware or perform other actions on a vulnerable device or computer.
Data breach of My Health Record (for State and Territory entities)
Active exploitation of critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Alert
Jan 13, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is aware of ongoing attempts to exploit a critical vulnerability in Citrix Application Delivery Controller (ADC) (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP.
Remote code execution vulnerability present in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component Alert
Nov 11, 2021 - A vulnerability has been identified in certain versions of Palo Alto firewalls utilising the GlobalProtect VPN component. Affected Australian organisations should apply the available update as soon as possible.
Australian Information Security Evaluation Program (AISEP) Program
Dec 11, 2025 - The Australian Information Security Evaluation Program (AISEP) evaluates and certifies products to provide a level of assurance in its security functionality in order to protect systems and data against cyberthreats. These evaluation activities are certified by the Australian Certification Authority (ACA).
Infosec Registered Assessors Program (IRAP) Program
Nov 17, 2025 - The Infosec Registered Assessors Program (IRAP) ensures entities can access high-quality security assessment services.
Secure your website Guidance
Jul 29, 2024 - Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
Emanation Security Industry Program Program
Oct 29, 2025 - The Australian Signals Directorate’s Emanation Security Program sets out the requirements for government and organisations to be formally recognised to conduct emanation security practices to national standards.
Vulnerability Disclosure Program News
Nov 23, 2022 - New ACSC publication released to help organisations implement a Vulnerability Disclosure Program.
Critical Infrastructure Uplift Program (CI-UP) Program
Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.
