You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 61 - 90 of 460 results.
Increase in denial-of-service (DoS) attacks against Australian organisations Advisory
Mar 17, 2025 - ASD's ACSC is aware of an increase in denial-of-service (DoS) attacks, where malicious actors flood websites with internet traffic, making it difficult for legitimate users to access them.
Shifting the Balance of Cybersecurity Risk Publication
Oct 17, 2023 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the following international partners provide the recommendations in this guide as a roadmap for technology manufacturers to ensure security of their products.
Antivirus software Guidance
Apr 11, 2023 - The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.
Summary of Tactics, Techniques and Procedures Used to Target Australian Networks Advisory
May 20, 2020 - This advisory provides information on methods to detect many of the TTPs listed. Partners are strongly encouraged to review their environments for the presence of the exploited vulnerabilities and provided TTPs.
Cybersecurity for charities and not-for-profits Guidance
Mar 12, 2024 - How to avoid common cyberthreats and protect your mission .
Mergers, acquisitions and Machinery of Government changes Publication
Jun 10, 2022 - This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.
How to update your device and software Guidance
Jul 30, 2024 - Cybercriminals are always looking for easy paths to get onto your device. Updating your device and software is the easiest way reduce the risk of being a victim of cybercrime.
Fundamentals of Cross Domain Solutions Publication
Oct 6, 2021 - This publication introduces technical and non-technical audiences to cross domain security principles for securely connecting security domains.
Cyber security for charities and not-for-profit organisations News
Mar 18, 2024 - With cyber-attacks continuing to increase in frequency and severity across all sectors, the Australian Signals Directorate is encouraging charities and not-for-profit organisations to take action to protect their online systems.
Netlogon elevation of privilege vulnerability (CVE-2020-1472) Alert
Sep 22, 2020 - The ACSC is aware of a recently disclosed critical vulnerability in Microsoft Active Directory Domain Controller systems that allows unauthenticated attackers to trivially access administrative credentials.
2021 Trends Show Increased Globalized Threat of Ransomware Advisory
Feb 10, 2022 - This joint Cybersecurity Advisory—authored by cybersecurity authorities in the United States, Australia, and the United Kingdom—provides observed behaviors and trends as well as mitigation recommendations to help network defenders reduce their risk of compromise by ransomware.
2021-010: ASD's ACSC Ransomware Profile - Conti Advisory
Mar 4, 2022 - Conti is a ransomware variant first observed in early 2020, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Conti is offered as a Ransomware-as-a-Service (RaaS), enabling affiliates to utilise it as desired, provided that a percentage of the ransom payment is shared with the Conti operators as commission. This product provides information related to Conti’s background, threat activity, and mitigation advice.
How to dispose of your device securely Guidance
May 18, 2022 - You should consider that any devices you dispose of could be accessed by strangers.
Social media terms of use
May 7, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube.
Critical vulnerability in certain versions of Apache HTTP Server Alert
Oct 8, 2021 - A vulnerability exists in Apache HTTP Server 2.4.49. A cyber actor could exploit this vulnerability to execute arbitrary code. Initial information also indicates that the vulnerability could also be used perform remote code execution under certain configurations. Affected Australian organisations should apply the available patch.
Questions for the board of directors to ask about cybersecurity Publication
Dec 5, 2022 - Information on the importance of cybersecurity for the board of directors in protecting their organisation and shareholders.
Guidance on digital forensics and protective monitoring specifications for producers of network devices and appliances Publication
Feb 5, 2025 - This guidance has been developed with contributions from partnering agencies and is included in a series of publications aiming to draw attention to the importance of edge device cyber security measures.
Introduction of legislative change for Limited Use obligation News
Oct 31, 2024 - On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).
Planning for critical vulnerabilities: What the board of directors needs to know Publication
Dec 14, 2023 - This publication provides information on why it is important that the board of directors is aware of and plan for critical vulnerabilities that have the potential to cause major cybersecurity incidents.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Cyber threat actors compromising networks of major global telecommunications providers News
Dec 4, 2024 - New guidance is available for network defenders of communications infrastructure to strengthen visibility and harden devices against PRC-affiliated and other malicious cyber actors.
Widespread outages relating to CrowdStrike software update Alert
Jul 21, 2024 - A CrowdStrike software update has led to outages impacting Windows systems.
Types of scams Guidance
Learn about the common types of scams, how to identify them and how to recover from them.
People’s Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations Advisory
Sep 19, 2024 - Cyber actors may have used botnet to compromise thousands of Internet-connected devices.
Internet of Things devices Guidance
Apr 11, 2023 - IoT devices can include smart televisions, security cameras and fridges. Learn how to buy and use IoT devices securely.
Exploitation of vulnerabilities affecting Cisco firewall platforms Alert
Apr 25, 2024 - This alert has been written for the IT teams of organisations and government. Entities are strongly encouraged to take immediate action to ensure affected devices are patched and investigate for potential compromise.
2021-006: ASD's ACSC Ransomware Profile - Lockbit 2.0 Advisory
Aug 5, 2021 - The LockBit ransomware restricts access to corporate files and systems by encrypting them into a locked and unusable format. Victims receive instructions on how to engage with the offenders after encryption. LockBit affiliates have successfully deployed ransomware on corporate systems in a variety of countries and sectors, including Australia, where the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of numerous incidents since 2020. LockBit affiliates are known to implement the ‘double extortion’ technique by uploading stolen and sensitive victim information to their dark web site ‘LockBit 2.0’, and threatening to sell and/or release this information if their ransom demands are not met.
Managing the risks of legacy IT: Executive guidance Publication
Jun 12, 2024 - This publication provides high-level and strategic guidance for an organisation’s executive seeking to manage the risks of legacy IT.
Malware targeting Centreon software Alert
Feb 16, 2021 - ANSSI identifies campaign targeting Centreon system monitoring software.
Active exploitation of vulnerable MobileIron products Alert
Sep 18, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of vulnerabilities in multiple MobileIron products by malicious cyber actors, including sophisticated state-based actors.
