You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying results for Displaying 271 - 300 of 517 results.
Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert
Jan 19, 2022 A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Safer Internet Day 2021 News
Feb 9, 2021 Safer Internet Day on 9 February 2021 aims to raise awareness of emerging online issues and share strategies everyone can use for staying secure online.
Zoho ManageEngine ServiceDesk Plus & Desktop Central remote code execution vulnerabilities Alert
Dec 8, 2021 Vulnerabilities have been identified in certain versions of Zoho ManageEngine ServiceDesk Plus and Desktop Central product suites. Australian organisations using vulnerable Zoho ManageEngine products should apply the available patch.
Exercise in a Box
Nov 17, 2022 This service provides an all-in-one platform that organisations can use to assess and improve their cyber security practices, in a controlled environment, and as many times as they want.
High Severity Vulnerability present in Microsoft Outlook for Windows Alert
Mar 29, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a Microsoft Outlook for Windows vulnerability. All Australian organisations using all versions of Microsoft Outlook for Windows should apply the available patch immediately.
If things go wrong Guidance
If you think you're a victim of a scam, there are steps you can take to protect yourself from further harm.
Multiple vulnerabilities in Jenkins products Alert
Jan 30, 2024 ASD’s ACSC is aware of multiple vulnerabilities impacting Jenkins products including CVE 2024-23897 (Critical) & CVE-2024-23898 (High). Organisations using Jenkins products are strongly advised to follow the mitigation advice provided by Jenkins and patch affected versions.
Critical Infrastructure Uplift Program (CI-UP) Program page
Apr 16, 2024 The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.
Vulnerability in Ivanti Endpoint Manager Mobile (EPMM) Alert
Jul 25, 2023 This Alert is relevant to Australians who are running Ivanti EPMM. This alert is intended to be understood by slightly more technical users. Users are encouraged to immediately apply any available patches.
Iranian Government-Sponsored APT Cyber Actors Alert
Nov 17, 2021 FBI and CISA have observed an Iranian government-sponsored APT group that are exploiting vulnerabilities to gain access to systems. The APT group has exploited the same Microsoft Exchange vulnerability in Australia.
Marketing and Filtering Email Service Providers Publication
Oct 6, 2021 This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.
Guidelines for Software Development Advice
Sep 26, 2024 This chapter of the Information Security Manual (ISM) provides guidance on software development.
Secure your user account Guidance
Jan 24, 2024 A user account is the account you use to sign in on your computer at home, school or work. Cybercriminals will target unsecure accounts and take advantage of poor security habits within the home and businesses. Their goal is to get access to your computer and steal your information. There are many ways to improve your account security, keep your accounts safe and avoid being the victim of a cyber attack.
Update your devices
Jan 25, 2023 Updates are new, improved, or fixed versions of software. Regular updates are critical in maintaining a secure system. It's important to check for any updates and make sure that automatic updates are switched on.
Preventing Web Application Access Control Abuse Advisory
Jul 28, 2023 The Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.
ASD's ACSC/NCSC collaboration to strengthen cyber security posture News
Nov 4, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the UK’s National Cyber Security Centre (NCSC) are committed to improving our respective nation’s cyber security posture and protecting our networks from cyber threats.
The ASD's ACSC On-Call 24/7 News
Nov 25, 2021 All Australians now have greater access to cyber security help and advice through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) enhanced national Cyber Security Hotline - 1300 CYBER1.
Australian Signals Directorate unveils new facility News
Mar 23, 2022 The Australian Signals Directorate (ASD) has unveiled a new world-class cyber and foreign intelligence facility, as the agency prepares to mark 75 years defending Australia from global threats.
Cyber Security Research Report Reports and statistics
Dec 15, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) commissioned exploratory research to better understand audience awareness of cyber security threats and practices.
Head of ACSC talks cyber security with Natarsha Belling in podcast special News
Nov 29, 2021 Ms Abigail Bradshaw, head of the Australian Cyber Security Centre (ACSC), recently sat down with journalist Natarsha Belling to discuss the common cyber threats affecting Australians today.
Ransomware targeting Australian aged care and healthcare sectors Alert
Aug 2, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of increased targeting of healthcare, including hospitals and aged care, by ransomware campaigns undertaken by cyber criminals.
Sign up for alerts
Nov 14, 2024 Sign up for alerts on the latest threats and vulnerabilities.
Small Business Cloud Security Guides: Technical Example - User Application Hardening Publication
Dec 16, 2022 User application hardening protects an organisation from a range of threats including malicious websites, advertisements running malicious scripts and exploitation of vulnerabilities in unsupported software. These attacks often take legitimate application functionality and use it for malicious purposes. User application hardening makes it harder for cybercriminals to exploit vulnerabilities or at-risk functionality in your organisation’s applications.
Social media terms of use
May 7, 2024 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) uses a number of social media services as part of its communications activities. These services include Facebook, Twitter, LinkedIn, Vimeo and YouTube.
Important Vulnerabilities in Microsoft’s June 2023 Security Update Alert
Jun 15, 2023 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about vulnerabilities disclosed in Microsoft’s June 2023 Security Update. Government, businesses and individuals should patch their Microsoft products and apply any recommended mitigations as soon as possible.
Travelling With Mobile Devices Publication
Mar 26, 2024 Learn how to keep mobile devices secure when travelling. This guidance provides advice from both an individual and organisational perspective.
Implementing Application Control Publication
Nov 27, 2023 Application control is one of the most effective mitigation strategies in ensuring the security of systems. As such, application control forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents. This publication provides guidance on what application control is, what application control is not, and how to implement application control.
Patching Applications and Operating Systems Publication
Nov 27, 2023 Applying patches to applications and operating systems is critical to keeping systems secure. Patching forms part of the Essential Eight from the Strategies to Mitigate Cyber Security Incidents.
Multiple vulnerabilities present in the Spring Framework for Java Alert
Apr 4, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of media reporting relating to multiple potential vulnerabilities, including the so-called SpringShell vulnerability, in the Java Spring framework and its execution environments. These vulnerabilities pose a threat to organisations running applications on the web which contain components using the Java Spring framework.
Set up and perform regular backups
Nov 9, 2022 Backing up and having backups mean you can restore your files if something goes wrong. It is a precautionary measure so that your data is accessible in case something happens to your computer.
