Search

Active exploitation of vulnerable Sitecore Experience Platform content management systems   Alert

Nov 5, 2021 - There is active exploitation of a vulnerability occurring in certain versions of Sitecore Experience Platform systems. Affected Australian organisation should apply the available security update.

Meltdown and Spectre patches unsuitable for some security products   Advisory

Jan 11, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of reporting that a variety of security products (e.g. antivirus solutions) are incompatible with Microsoft's patches for the Meltdown and Spectre vulnerabilities.

A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity   Publication

Sep 4, 2025 - This guidance, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and international partners, presents a shared vision of Software Bill of Materials (SBOM) and the value that increased software component and supply chain transparency can offer to the global community.

Safe software deployment: How software manufacturers can ensure reliability for customers   Publication

Oct 25, 2024 - It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.

Bulletproof defense: mitigating risks from bulletproof hosting providers   Publication

Nov 20, 2025 - This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers.

Social media terms of use  

Jan 13, 2026 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube. 

Guidelines for software development   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on software development.

New guidance on integrating a Software Bill of Materials (SBOM)   News

Sep 4, 2025 - Get valuable guidance to inform organisations who procure, produce or operate software about the advantages of integrating a Software Bill of Materials (SBOM) into your security processes.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection   Advisory

May 25, 2023 - The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.

Consider your cyber hygiene in light of global events   News

Dec 22, 2025 - Around the world, geopolitical tensions remain complex as nations navigate diplomatic, economic, and military challenges. ASD’s ACSC recommends that organisations continue to review their current cyber security posture and maintain sufficient monitoring for cyber threats.

"Bulletproof" hosting providers are not so bulletproof   News

Jan 22, 2025 - Many cybercriminals rely on Bulletproof Hosting (BPH) providers to carry out their unlawful activities. Read our new publication to find out more about the role that BPH providers play in the cybercrime ecosystem.

People’s Republic of China (PRC) State-Sponsored Cyber Actor Living Off the Land to Evade Detection   Alert

May 25, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC), in conjunction with the United States (US) National Security Agency (NSA) its international partners, has released a Cybersecurity Advisory regarding a PRC state-sponsored cyber actor conducting activity impacting US critical infrastructure (CI) sectors. Because of the potential risk to CI sectors outside the US, all organisations are encouraged to review the published Advisory and report any malicious activity to the ASD's ACSC.

Principles for the secure integration of Artificial Intelligence in Operational Technology   Publication

Dec 4, 2025 - This publication provides guidance for critical infrastructure owners and operators for integrating AI into operational technology (OT) environments. It outlines key principles to leverage the benefits of AI in OT systems while minimising risk.

Identifying and Mitigating Living Off the Land Techniques   Advisory

Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.

Creating and maintaining a definitive view of your operational technology architecture   Publication

Oct 28, 2025 - How organisations who deploy or operate operational technology systems should build, maintain and store their systems understanding.

New guidance for software and service manufacturers deploying system updates   News

Oct 25, 2024 - Implementing a safe software deployment program is vital for maintaining customer trust.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint cybersecurity advisory   News

May 25, 2023 - Today we released a joint advisory with international partners on a recently discovered cluster of activity associated with a People’s Republic of China (PRC) state-sponsored cyber actor.

Cyber incident materially affecting the price or value of the securities of an ASX-listed entity  

Advisory 2020-016: "Zerologon" - Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)   Advisory

Sep 22, 2020 - The ACSC recommends organisations immediately patch affected Microsoft Windows systems with the Microsoft August 2020 Security Updates, released 11/08/2020.

Cyber security for charities and not-for-profits   Guidance

Sep 30, 2025 - How to avoid common cyber threats and protect your mission .