You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 211 - 240 of 393 results.
Google Releases Security Updates for Chrome Browser Alert
Jun 21, 2021 - On June 17 2021, Google released Chrome version 91.0.4472.114 for Windows, Mac, and Linux. The patch notes for this version can be viewed at Chrome Release Note.
Phone scams impersonating Australian businesses and government agencies Alert
Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.
Log4j: What Boards and Directors Need to Know Advisory
Jan 7, 2022 - Log4j is a software library used as a building block found in a wide variety of Java applications. The Log4j vulnerability – otherwise known as Log4Shell – is trivial to exploit, and represents a significant business continuity risk. This publication outlines what Boards and Directors need to know in order to protect their businesses.
Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns Advisory
Dec 8, 2023 - The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest.
Hunting Russian Intelligence “Snake” Malware Advisory
May 10, 2023 - This Cybersecurity Advisory (CSA) provides background on Snake’s attribution to the FSB and detailed technical descriptions of the implant’s host architecture and network communications.
Exploitation of Unitronics Programmable Logic Controllers (PLCs) Alert
Dec 5, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) is concerned about global exploitation of Programmable Logic Controllers (PLC) and is aware of reports of compromise of these devices in Australia. These devices are present in a number of critical sectors such as water, energy, fuel and healthcare.
Safe Software Deployment Publication
Oct 25, 2024 - It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements.
ASD's ACSC has launched a new campaign on Business Email Compromise News
Jun 28, 2022 - With the end of the financial year ushering in tax season, Australians are urged to strengthen their email security and be alert to criminals trying to fool them into making false payments or giving up details that could make them an easy target for cyber crime.
Report and recover from business email compromise Guidance
Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Cybercriminals targeting construction companies to conduct email scams Alert
Jul 6, 2021 - Cybercriminals are targeting construction companies to conduct business email compromise scams. All parties to construction projects should be vigilant when emailing about invoices and bank details.
Cyber security is essential when preparing for COVID-19 Advisory
Mar 13, 2020 - In light of the COVID-19 pandemic, organisations are developing strategies to protect staff and vulnerable members of our community.
PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure Advisory
Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities Advisory
Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.
Protect yourself from ransomware Guidance
Feb 12, 2025 - A ransomware attack could block you from accessing your device or the information on it. Take some time to consider how a ransomware attack might affect you.
ASD's ACSC and international partners encourage action to mitigate risks for Log4j vulnerability News
Dec 23, 2021 - ASD's ACSC and cyber security agency partners have issued a joint statement and advisory on the Log4j vulnerability providing technical details, mitigations and resources to help address the critical software flaw.
New zero trust guidance – seeking industry feedback News
Feb 10, 2025 - Have your say on new Foundations for modern defensible architectures, including zero trust and secure-by-design principles.
Cybersecurity terminology Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity terminology.
Property-related business email compromise scams rising in Australia Alert
Aug 30, 2021 - Cybercriminals are targeting the property and real estate sector to conduct business email compromise scams. All parties involved in the buying, selling and leasing of property should be vigilant when communicating via email, particularly during settlement periods.
Further cyber sanctions in response to Medibank Private cyberattack News
Feb 12, 2025 - Today Australia has imposed targeted financial and travel sanctions on a cyber infrastructure entity – ZServers – and five of its Russian employees for their roles in providing infrastructure to host and disseminate data stolen from Medibank Private in 2022.
2021 Top Malware Strains Advisory
Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).
Gateway security guidance package: Executive guidance Publication
Jul 29, 2022 - The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.
Report and recover from a data breach Guidance
Jul 14, 2023 - A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.
An introduction to securing smart places Publication
Nov 21, 2022 - Smart places, also known as smart cities, are places designed to provide enhanced services to citizens using a collection of smart information technology (IT)-enabled systems and devices that capture, communicate and analyse data. To achieve this purpose, previously discrete technologies and systems are interconnected to allow for large-scale coordination, real-time decision making, and increased visibility and situational awareness of the smart place’s status.
ABC Radio interview with Head of ACSC News
Mar 31, 2021 - Abigail Bradshaw CSC, Head of Australian Cyber Security Centre, interview with Fran Kelly on ABC Radio National, 31 March 2021.
Secure your Wi-Fi and router Guidance
Oct 29, 2024 - How to make your software, devices and networks harder to access and more resilient to attack.
Mitigating Log4Shell and Other Log4j-Related Vulnerabilities Advisory
Dec 23, 2021 - Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities.
Secure your social media Guidance
Jul 29, 2024 - Keep your social media secure by using these tips. Learn how to protect your accounts, privacy and information.
Widespread outages relating to CrowdStrike software update Alert
Jul 21, 2024 - A CrowdStrike software update has led to outages impacting Windows systems.
Preventing Web Application Access Control Abuse Advisory
Jul 28, 2023 - The Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object reference (IDOR) vulnerabilities.
Guidelines for system hardening Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on system hardening.
