You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying results for Displaying 331 - 360 of 517 results.
Mergers, Acquisitions and Machinery of Government Changes Publication
Jun 10, 2022 This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.
Report and recover from a data breach Guidance
Jul 14, 2023 A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.
Securing customer personal data Guidance
Jul 30, 2024 This guide is focused specifically on the protection of customers’ personal data. Guidance on general cyber security for businesses can be found in the Small Business Cyber Security Guide and the Strategies to Mitigate Cyber Security Incidents published by ASD’s ACSC.
Report and recover from scams Guidance
Apr 11, 2023 If someone has stolen your money or personal information, find out what to do and who to contact. We also provide advice on how to avoid scams in future.
Cisco IOS XE Software Web UI Zero Day Vulnerability Alert
Oct 25, 2023 A previously unknown vulnerability (CVE-2023-20198) in the web UI feature of Cisco IOS XE Software could allow a malicious actor to take control of vulnerable devices. All Australian organisations should follow the recommendations published by Cisco.
Copy-paste compromises Alert
Sep 16, 2020 The Australian Government is aware of, and responding to, a sustained targeting of Australian governments and companies by a sophisticated state-based actor. The title ‘Copy-paste compromises’ is derived from the actor’s heavy use of tools copied almost identically from open source.
Critical vulnerability in ConnectWise’s ScreenConnect Alert
Feb 25, 2024 The Australian Signals Directorate’s Australian Cyber Security Centre ( ASD’s ACSC) is aware of a critical vulnerability affecting ConnectWise’s ScreenConnect. Customers should update to the patched version immediately.
Critical Vulnerability in FortiOS Alert
Feb 9, 2024 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is aware of a critical (9.6) vulnerability (CVE-2024-21762) in Fortinet FortiOS devices.
Critical vulnerability in Ivanti CSA 4.6 (Cloud Services Appliance) Alert
Sep 20, 2024 Ivanti has released a security advisory addressing a critical vulnerability affecting Ivanti CSA 4.6 (Cloud Services Appliance). The vulnerability affects Ivanti CSA 4.6 before Patch 519.
CVE-2024-24919 - Check Point Security Gateway Information Disclosure Alert
May 31, 2024 The ASD’s ACSC is aware of CVE-2024-24919 that enables access of sensitive information to an unauthorised actor.
Cyber Safety and Security in Sport News
Jun 8, 2023 Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is partnering with Sport Integrity Australia and the Office of the e-Safety Commissioner to deliver the Cyber Safety and Security in Sport course. The course is part of the ASD’s ACSC's commitment to work with industry and government to strengthen Australia’s cyber security posture.
Cyber security for charities and not-for-profit organisations News
Mar 18, 2024 With cyber-attacks continuing to increase in frequency and severity across all sectors, the Australian Signals Directorate is encouraging charities and not-for-profit organisations to take action to protect their online systems.
Cyber Skills Framework Publication
Sep 10, 2020 The Cyber Skills Framework enables targeted recruitment of cyber specialists, provides a development pathway for current and future cyber staff, and aligns skills, knowledge and attributes with national and international industry standards.
Email security
Jul 29, 2024 Protect yourself, your employees and business from an email security incident before it's too late.
Essential Eight Maturity Model Update News
Nov 27, 2023 The Australian Signals Directorate has updated the Essential Eight Maturity Model (E8MM).
Exploitation of Pulse Connect Secure Vulnerabilities Alert
Apr 21, 2021 New advice for mitigating Pulse Connect Secure Virtual Private Network (VPN) vulnerabilities.
Google Releases Security Updates for Chrome Browser Alert
Jun 21, 2021 On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Introduction of legislative change for Limited Use obligation News
Oct 31, 2024 On 9 October 2024, the Australian Government introduced the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 into Parliament. The Bill amends the Intelligence Services Act 2001 to legislate a Limited Use obligation for the Australian Signals Directorate (ASD).
Ivanti Sentry Authentication Bypass Vulnerability Alert
Aug 22, 2023 An authentication bypass vulnerability (CVE-2023-38035) has been identified that allows unauthorised access to sensitive APIs which can be used to set configuration parameters on the administrator portal (MICS).
Joint statement - attribution to Russia for malicious cyber activity against European networks News
May 11, 2022 Australia and international partners shine a light on Russia’s ongoing unacceptable activity in cyberspace.
Microsoft Releases Security Updates for Microsoft Edge Browser Alert
Jun 30, 2021 On June 24 2021, Microsoft released updates for their Edge Browser addressing two vulnerabilities that an attacker could exploit to inject and execute malicious code.
Microsoft SharePoint CVE-2019-0604 Alert
May 6, 2019 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of malicious cyber actors successfully exploiting a Microsoft SharePoint vulnerability in order to implant web shells on compromised hosts.
Multiple Vulnerabilities in Atlassian Confluence Data Center and Server Alert
Nov 1, 2023 ASD’s ACSC has received information on multiple vulnerabilities in Atlassian’s Confluence Data Center and Server (CVE-2023-22515 & CVE-2023-22518). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
National Exercise Program Program page
Jul 12, 2018 Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.
New ASD’s ACSC guidance released to help Australians avoid risks related to social media and messaging applications News
Jul 14, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today released updated guidance to help all Australians better understand how social media and messaging apps can pose a risk to the security and privacy of individuals and organisations.
Potential Accellion File Transfer Appliance compromise Alert
Feb 25, 2021 The ACSC has identified Australian organisations that may have been impacted by the Accellion File Transfer Appliance vulnerability and have provided mitigation recommendations.
Remote Code Execution Vulnerability In Cisco Unified Communications Products Alert
Jan 26, 2024 ASD’s ACSC is aware of a vulnerability in Cisco Unified Communications Products (CVE 2024-20253). Organisations using Cisco Unified Communication products are strongly advised to follow the mitigation advice provided by Cisco if they are vulnerable.
Remote Code Execution Vulnerability In Confluence Data Center and Confluence Server Alert
Jan 17, 2024 ASD’s ACSC is aware of a vulnerability in Confluence Data Center and Confluence Server (CVE-2023-22527). Organisations are strongly encouraged to take immediate action to ensure affected instances are patched.
Remote code execution vulnerability present in Fortinet devices Alert
Oct 13, 2022 A vulnerability (CVE-2022-40684) has been identified in several Fortinet products running certain versions from 7.0.0 onwards, that could allow a malicious cyber actor to bypass authentication and perform unauthorised actions. Affected Australian organisations should apply the available patch and follow Fortinet’s mitigation advice.
Secure the Cisco IOS and IOS XE Smart Install Feature Advisory
Apr 17, 2018 Organisations are advised to identify Cisco devices running Smart Install within their networks, evaluate the need of running this feature, and remove or secure the feature as required. Both the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and Cisco documentation contain details on how to accomplish this.
