You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 331 - 360 of 460 results.
Cyber Security for Operational Technology News
Oct 2, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has released new guidance to help critical infrastructure protect their systems and online supply chains.
The silent heist: cybercriminals use information stealer malware to compromise corporate networks Advisory
Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.
Australian Signals Directorate releases the annual Cyber Threat Report for 2023–24 News
Nov 20, 2024 - ASD’s Cyber Threat Report 2023–24 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.
Update your small business cyber security News
Jun 12, 2024 - Resources to help protect small businesses from cyber threats.
Safeguard your business from cyber threats with the Australian Signals Directorate News
May 13, 2024 - Australian business owners and organisations can access advice from the Australian Signals Directorate (ASD) to stay secure online.
Protecting your staff Guidance
Apr 11, 2023 - An incident response plan can help organisations to respond to cybersecurity incidents while continuing to conduct business operations.
ASD’s role in cybersecurity: For legal practitioners Guidance
Dec 11, 2024 - During a cybersecurity incident, or suspected cybersecurity incident, our goal is to work with impacted organisations, their legal representation, and any external vendors engaged to investigate an incident on behalf of the organisation.
Secure-by-Design Foundations News
Jul 31, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has released updated guidance to help technology manufacturers and those who use their digital product or service to adopt secure-by-design principles.
The Case for Memory Safe Roadmaps – Joint Cyber Security Guide News
Dec 7, 2023 - In partnership with our international partners we released a joint cyber security guidance on Secure-by-Design memory safe roadmaps.
New Secure-by-Design publication about memory safety released News
Jun 27, 2024 - Today, we jointly released a new Secure-by-Design publication, Exploring Memory Safety in Critical Open Source Projects, co-authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Canadian Centre for Cyber Security (CCCS).
Multi-factor authentication for stronger cyber protection News
Feb 25, 2021 - Australians are being urged to strengthen proof of identity protections to help stop cybercriminals gaining unauthorised access to online information and accounts.
BADBAZAAR and MOONSHINE: Technical analysis and mitigations Advisory
Apr 9, 2025 - This guidance has been jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC Cyber League. Its provides new and collated threat intelligence on two spywares known as MOONSHINE and BADBAZAAR with guidance for how App store operators, developers and social media companies can keep their users safe.
Delivering the goods in cyber security resilience to the transport and logistics sector News
Oct 27, 2022 - National Cyber Security Exercise Series: Australia’s transport and logistics sector – May to August 2023
Critical vulnerabilities in GitLab Products Alert
Jan 15, 2024 - The Australian Signals Directorate’s (ASD's) Australian Cyber Security Centre (ACSC) is aware of critical vulnerabilities affecting GitLab Community Edition (CE) and Enterprise Edition (EE). Customers should update to a patched version immediately and enable multi-factor authentication for all GitLab accounts.
View all content
Nov 3, 2022 -
Deploying AI Systems Securely Publication
Apr 16, 2024 - AI security is a rapidly evolving area of research. As agencies, industry, and academia discover potential weaknesses in AI technology and techniques to exploit them, organizations will need to update their AI systems to address the changing risks, in addition to applying traditional IT best practices to AI systems.
Health Sector Snapshot News
Feb 10, 2021 - This Sector Snapshot is designed to enhance awareness of key cyber security threats in the health sector and advise executives and cyber security professionals within the health sector on what they can do to protect their organisation from cyber threats. This report provides a high-level overview of the cyber security environment from 1 January to 31 December 2020.
Australian Signals Directorate releases 2023 ASD Cyber Threat Report News
Nov 15, 2023 - The Australian Signals Directorate has released its fourth ASD Cyber Threat Report.
Guidelines for cybersecurity documentation Advice
Jul 3, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity documentation.
Safer Internet Day 2021 News
Feb 9, 2021 - Safer Internet Day on 9 February 2021 aims to raise awareness of emerging online issues and share strategies everyone can use for staying secure online.
Ransomware Playbook Guidance
Oct 10, 2024 - This interactive guide is here to assist you with taking all of the appropriate steps to prepare for, respond to and recover from a ransomware incident.
Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors Alert
Sep 24, 2021 - A vulnerability exists in certain versions of ManageEngine ADSelfService Plus. A cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian organisations should apply the available security update.
ASD's ACSC and partners alert organisations to top 2021 malware strains News
Aug 5, 2022 - The top types of malicious software – or malware – seen by the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners through 2021 have been detailed, along with advice on how to counter them.
Report and recover from business email compromise Guidance
Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Patching applications and operating systems Publication
Nov 27, 2023 - Applying patches to applications and operating systems is critical to keeping systems secure. Patching forms part of the Essential Eight from the Strategies to mitigate cybersecurity incidents.
Recovering a compromised email account Guidance
Nov 10, 2023 - Email accounts are valuable targets for cybercriminals. Not just because they store sensitive messages, but also because they can be used to impersonate the account owner, to spread scams, and to perform password resets.
2021-009: Malicious actors deploying Gootkit Loader on Australian Networks Advisory
Aug 27, 2021 - From April 2021, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has received an increase in reporting of malicious actors targeting Australian networks with Gootkit JavaScript (JS) Loaders. Open-source reporting confirms that Gootkit JS Loaders are a precursor to several malware families traditionally used for cybercrime, notably, Gootkit, REvil ransomware, Kronos, or CobaltStrike. The ASD’s ACSC is providing this information to enable organisations to undertake their own risk assessments and take appropriate actions to secure their systems and networks. The ASD’s ACSC will update this advisory if more information becomes available.
Remote code execution vulnerability present in Fortinet devices Alert
Oct 13, 2022 - A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.
Critical remote code execution vulnerability found in the Log4j library Alert
Dec 21, 2021 - A vulnerability (CVE-2021-44228) exists in certain versions of the Log4j library. A malicious cyber actor could exploit this vulnerability to execute arbitrary code. Australian organisations should apply latest patches immediately where Log4j is known to be used.
2020-001-4: Remediation for critical vulnerability in Citrix Application Delivery Controller and Citrix Gateway Advisory
Jan 13, 2020 - On 19 January 2020, Citrix released patches for two versions of the Citrix Application Delivery Controller (ADC) and Citrix Gateway appliances. Citrix expects to have patches available across all supported versions of Citrix ADC, Citrix Gateway and Citrix SD-WAN WANOP before the end of January 2020.
