You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 481 - 510 of 519 results.
ISM feedback form Service
Mar 2, 2023 - ISM feedback and enquiries.
Kaseya VSA Supply-Chain Ransomware Attack Alert
Jul 12, 2021 - Patch now available for Kaseya VSA platform.
Remote code execution vulnerability present in SonicWall SMA 100 series appliances Alert
Jan 19, 2022 - A vulnerability (CVE-2021-20038) has been identified in SonicWall SMA 100 series appliances. Exploitation of this vulnerability could allow an unauthenticated malicious cyber actor to perform remote code execution. Affected Australian organisations should apply the available patch.
Cybercrime - getting help Guidance
Apr 11, 2023 - If something has knocked you offline, check out the following information to help you get back up and running!
APT exploitation of Fortinet Vulnerabilities Alert
Apr 3, 2021 - Advanced Persistent Threat (APT) actors targeting historic Fortinet vulnerabilities.
Exploitation of Microsoft Office vulnerability: Follina Alert
Jun 15, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of active exploitation of the Follina zero-day vulnerability in the Microsoft Support Diagnostic Tool (CVE-2022-30190). Affected Australian organisations should take appropriate action.
IRAP community feedback form
Mar 1, 2021 - IRAP Community feedback form for the community to comment on a range of topics about the course
Phishing Threat
Mar 19, 2023 - Learn about phishing attacks and know what to do if you've been targeted.
Contact us Service
Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.
Report a vulnerability Service
Report vulnerabilities that are not publicly known, through the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) coordinated vulnerability disclosure service.
Securing edge devices
Feb 4, 2025 - Malicious actors often target internet-facing edge devices to gain unauthorised access to enterprise networks. Learn how to secure edge devices such as routers, firewalls and VPN concentrators.
ASD's ACSC participation in Asia Pacific Computer Emergency Response Team (APCERT) Drill News
Aug 25, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has joined international partners in the annual Asia Pacific Computer Emergency Response Team (APCERT) Drill.
Critical Vulnerability in popular Java framework Apache Struts2 Alert
Dec 14, 2023 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is concerned about a critical Remote Code Execution (RCE) vulnerability in Apache Struts2. This primarily affects Java applications which use this framework. Apache Struts2 is widely used in enterprise and bespoke Java applications.
Multiple vulnerabilities present in VMware products Alert
Aug 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of multiple vulnerabilities in VMware products. Affected Australian organisations should take appropriate action.
Protecting your family Guidance
May 2, 2023 - Advice and guidance for parents and guardians to help children have secure experiences online.
Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks News
May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.
Single Reporting Portal Guidance
Nov 22, 2023 - To help you meet your reporting responsibilities, the Australian Government has brought together a list of Commonwealth legislative reporting requirements that could be triggered by a cybersecurity incident.
Advisory 2020-008: Copy-paste compromises - tactics, techniques and procedures used to target multiple Australian networks Advisory
Sep 16, 2020 - This advisory details the tactics, techniques and procedures (TTPs) identified during the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation of a cyber campaign targeting Australian networks. These TTPs are captured in the frame of tactics and techniques outlined in the MITRE ATT&CK framework.
Remote working
Jul 30, 2024 - This page lists publications on working securely when away from the office environment.
Web hardening
Dec 2, 2020 - This page lists publications on the hardening of services that can be accessed via the World Wide Web.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Network hardening
Apr 11, 2023 - This page lists publications on the hardening of network infrastructure.
Operational technology environments
Oct 4, 2024 - This page lists publications on critical infrastructure and their supporting operational technology environments.
2021-007: Log4j vulnerability – advice and mitigations Advisory
Dec 29, 2021 - On 10 December 2021, ASD's ACSC released an alert relating to a serious vulnerability in versions of the Log4j Java logging library. Malicious cyber actors are using this vulnerability to target and compromise systems globally and in Australia. The ASD's ACSC is working with a significant number of victims and affected vendors across all sectors of the economy.
Educational pack for seniors Guidance
Jun 23, 2023 - This educational pack provides engaging content to help seniors learn how to stay cyber secure. Practical steps and topics range from a basic to advanced level.
Remote code execution vulnerability in Windows DNS (CVE-2020-1350) Alert
Jul 15, 2020 - On 14 July 2020, Microsoft acknowledged a critical remote code execution vulnerability in Windows Domain Name System (DNS), which could allow an adversary to run arbitrary code.
ASD's ACSC Advisory 2020-012: Critical remote code execution vulnerability in Windows DNS server (CVE-2020-1350) Advisory
Jul 15, 2020 - An adversary who successfully exploits the vulnerability could run arbitrary code in the context of the Local System Account. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) strongly recommends users apply the security patch to their Windows DNS servers to prevent an adversary from exploiting this vulnerability.
Translated information
Apr 4, 2024 - We have developed easy-to-follow cybersecurity information and resources to support people from non-English speaking backgrounds to be more cyber secure.
ISM OSCAL releases
Mar 2, 2023 - List of current and previous ISM releases in the OSCAL format.
Educational pack for small businesses Guidance
Jun 15, 2023 - This educational pack provides engaging content to help small business owners learn how to stay cyber secure. Includes practical activities for staff.
