Search

Joint Cybersecurity Guide to increase cyber security of products globally   News

Apr 14, 2023 - This guide provides a roadmap for technology manufacturers to ensure security of their products.

Hunting Russian Intelligence “Snake” Malware - Joint Cybersecurity Advisory   News

May 10, 2023 - Today we released a Joint Cybersecurity Advisory with our international partners on the Snake implant. The Snake implant is a sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service for long-term intelligence collection on sensitive targets.

Essential Eight Assessment Course   Program page

Jul 3, 2023 - The Essential Eight Assessment Course will help you understand the intent and application of the Essential Eight, learn to use ASD designed tools, and accurately test the implementation of the Essential Eight.

An Introduction to Securing Smart Places   News

Nov 21, 2022 - New ASD's ACSC publication released to help organisations secure smart places.

People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint cybersecurity advisory   News

May 25, 2023 - Today we released a joint advisory with international partners on a recently discovered cluster of activity associated with a People’s Republic of China (PRC) state-sponsored cyber actor.

Small Business Cloud Security Guides: Technical Example - Application Control   Publication

Dec 16, 2022 - Application control restricts the ability of an application to run or install on a device. Application control makes it harder for users to intentionally or unintentionally install unwanted or malicious software.

Critical Infrastructure Uplift Program (CI-UP)   Program page

Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyberattacks.

ASD's ACSC/NCSC collaboration to strengthen cyber security posture   News

Nov 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the UK’s National Cyber Security Centre (NCSC) are committed to improving our respective nation’s cyber security posture and protecting our networks from cyber threats.

Iranian cyber actors’ brute force and credential access activity compromises critical infrastructure   Advisory

Oct 17, 2024 - The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn network defenders on Iranian cyber actors’ compromising, frequently using brute force attacks, organizations across multiple critical infrastructure sectors, including the healthcare and public health (HPH), government, information technology, engineering, and energy sectors. The actors likely aim to obtain credentials and information describing the victim’s network that can then be sold to enable access to cybercriminals.

Malicious actors deploying Gootkit Loader on Australian Networks   Alert

Aug 27, 2021 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed an increase of Gootkit JavaScript (JS) Loaders on Australian networks.

Critical Infrastructure  

Jul 22, 2024 - Technical advice and non-regulatory guidance for critical infrastructure.

Vulnerability Affecting BlackBerry QNX RTOS   Advisory

Aug 17, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of a vulnerability affecting the BlackBerry QNX, the world’s most prevalent real time operating system.

Sustained targeting of the health sector   Alert

Oct 30, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has identified a sustained campaign by sophisticated cybercrime actors impacting the Australian health sector.

Online shoppers the target of Christmas cyber grinches   News

Nov 3, 2021 - In the lead-up to Black Friday and festive season sales, Australians must be alert to the cybercriminals seeking to steal your Christmas joy and your money.

Multi-factor authentication for stronger cyber protection   News

Feb 25, 2021 - Australians are being urged to strengthen proof of identity protections to help stop cybercriminals gaining unauthorised access to online information and accounts.

Accessibility  

Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.

National Exercise Program   Program page

Jul 12, 2018 - Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cyber security arrangements.

ASD's ACSC Annual Cyber Threat Report, July 2020 to June 2021   Reports and statistics

Sep 15, 2021 - The ASD's ACSC Annual Cyber Threat Report 2020–21 has been produced by the Australian Cyber Security Centre, with contributions from the Defence Intelligence Organisation (DIO), Australian Criminal Intelligence Commission (ACIC), Australian Security Intelligence Organisation (ASIO), The Department of Home Affairs and industry partners.

SonicWall devices targeted with ransomware utilising stolen credentials   Alert

Aug 3, 2021 - SonicWall devices are being targeted by a malicious cyber actor as targets for ransomware. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of likely related activity targeting Australian organisations.

Cyber Incident Management Arrangements for Australian Governments   Publication

Sep 18, 2023 - The CIMA provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national cyber incidents.

Barracuda Email Security Gateway (ESG) malicious activity – additional Indicators of Compromise released   Alert

Dec 25, 2023 - Update: ASD's ACSC is aware of active exploitation of a third party library, Spreadsheet::ParseExcel, leading to potential Arbitrary Code Execution in Barracuda ESG appliances (CVE-2023-7101 and CVE-2023-7102).

Who we are  

Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

Cybercriminals scanning Australian entities for serious cyber vulnerability   News

Dec 21, 2021 - Australians must urgently patch applications and software products as malicious cyber adversaries conduct thousands of scans in search of the vulnerability related to the critical Log4j software flaw.

Cyber Skills Framework   Publication

Sep 10, 2020 - The Cyber Skills Framework enables targeted recruitment of cyber specialists, provides a development pathway for current and future cyber staff, and aligns skills, knowledge and attributes with national and international industry standards.

ASD's ACSC social media community  

Connect with us on Facebook, Twitter and YouTube, and find out how to subscribe to our RSS feeds.

How to dispose of your device securely   Guidance

May 18, 2022 - You should consider that any devices you dispose of could be accessed by strangers.

Home  

Jul 19, 2022 - Welcome to the Australian Cyber Security Centre website - cyber.gov.au

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns   Advisory

Dec 8, 2023 - The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest.

Launch of the Annual Threat Report   News

Nov 4, 2022 - The Annual Cyber Threat Report is ACSC’s flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.

Mitigating Log4Shell and Other Log4j-Related Vulnerabilities   Advisory

Dec 23, 2021 - Malicious cyber actors are actively scanning networks to potentially exploit Log4Shell, CVE-2021-45046, and CVE-2021-45105 in vulnerable systems. According to public reporting, Log4Shell and CVE-2021-45046 are being actively exploited. This joint Cybersecurity Advisory is to provide mitigation guidance on addressing vulnerabilities.