Search

Bulletproof defense: mitigating risks from bulletproof hosting providers   Publication

Nov 20, 2025 - This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers.

Multiple vulnerabilities present in the Spring Framework for Java   Alert

Apr 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.

Creating and maintaining a definitive view of your operational technology architecture   Publication

Oct 28, 2025 - How organisations who deploy or operate operational technology systems should build, maintain and store their systems understanding.

Using the Information security manual   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on using the ISM.

CI Fortify   Publication

Oct 13, 2025 - Actionable guidance for CI operators to isolate and rebuild critical services and OT systems during crisis or service disruption.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Secure by Demand   Publication

Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.

Security considerations for edge devices   Publication

Feb 5, 2025 - Edge devices are an important part of many enterprise computing systems. They allow connection across various devices that aid in productivity. However, just like with all technology they are not without their vulnerabilities. Edge devices require attention and diligence to keep data safe and secure.

Understand and invest in modern defensible architecture now   News

Oct 23, 2025 - We have released a new publication series in collaboration with our international partners on modern defensible architecture, providing organisations with a clear framework to begin investment and implementation.

Implementing SIEM and SOAR platforms: Executive guidance   Publication

May 27, 2025 - This publication is one of three in a suite of guidance on SIEM and SOAR platforms. It is primarily intended for executives but can be used by any organisation that is considering whether and how to implement a SIEM and/or SOAR.

Implementing SIEM and SOAR platforms: Practitioner guidance   Publication

May 27, 2025 - This publication provides high-level guidance for cyber security practitioners on Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Mitigations for network defence   Publication

Oct 15, 2025 - This guidance provides actions for both executives and technical staff to strengthen their organisation’s network infrastructure.

Cyber Security Awareness Month 2025  

Sep 30, 2024 - Take action to protect your networks and digital infrastructure now and into the future.

Guidelines for cyber security roles   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cyber security roles.

Identifying and Mitigating Living Off the Land Techniques   Advisory

Feb 8, 2024 - This Guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and the following agencies (hereafter referred to as the authoring agencies), provides information on common living off the land (LOTL) techniques and common gaps in cyber defense capabilities.

2023-03: ASD's ACSC Ransomware Profile – Lockbit 3.0   Advisory

Jun 15, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of Lockbit 3.0 which is the newest version of Lockbit ransomware. It is used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes as other variants such as encrypting their data, and extorting a ransom to return access to the sensitive files.

Gateway security guidance package: Gateway security principles   Publication

Jul 29, 2025 - Guidance written for audiences responsible for the procurement, operation and management of gateways.

Planning for post-quantum cryptography   Publication

Sep 22, 2025 - Prepare your organisation for post-quantum cryptography with advice on transition timelines, milestones, and a framework to map transition stages.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2023–24 financial year.

2023-01: ASD's ACSC Ransomware Profile - Royal   Advisory

Jan 24, 2023 - The Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) is aware of a ransomware variant called Royal, which is being used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia. Once gaining access to a victim’s environment, cybercriminals use this ransomware for similar purposes to other variants such as encrypting their data and extorting a ransom to return access to the sensitive files.