You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying results for Displaying 61 - 90 of 115 results.
Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks News
May 12, 2022 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.
Gateway security guidance package: Gateway technology guides Publication
Jul 29, 2022 This guidance is one part of a package of documents that forms the Gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the Gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.
Cybersecurity Best Practices for Smart Cities Publication
Apr 20, 2023 This guidance is the result of a collaborative effort from the United States Cybersecurity and Infrastructure Security Agency (CISA), the United States National Security Agency (NSA), the United States Federal Bureau of Investigation (FBI), the United Kingdom National Cyber Security Centre (NCSC-UK), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), the Canadian Centre for Cyber Security (CCCS), and the New Zealand National Cyber Security Centre (NCSC-NZ).
Protecting Against Cyber Threats to Managed Service Providers and their Customers Advisory
May 12, 2022 This advisory describes cybersecurity best practices for information and communications technology (ICT), focusing on guidance that enables transparent discussions between MSPs and their customers on securing sensitive data.
Small business
Jun 15, 2023 Basic steps to protect your business and staff from cyber threats. Our guide has information and resources to help you and your staff prepare for cyber attacks.
Secure your Microsoft Windows device Guidance
Nov 29, 2024 Your Microsoft Windows device often holds your most important data. Use these simple steps to protect your device from cyber attacks.
People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection Advisory
May 25, 2023 The People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection joint advisory provides examples of the cyber actor’s commands, along with detection signatures to aid network defenders in hunting for this activity.
Resources for business and government
Resources for business and government on cybersecurity.
Small Business Cloud Security Guides: Technical Example - Regular Backups Publication
Dec 16, 2022 Implementing regular backups will assist your organisation to recover and maintain its operations in the event of a cyber incident, for example, a ransomware attack.
Detecting and mitigating Active Directory compromises Publication
Jan 22, 2025 This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.
2019-130: Password spray attacks – detection and mitigation strategies Advisory
Aug 5, 2019 This advisory contains detection and mitigation guidance, some of which has been successfully deployed in recent investigations.
2021 Top Routinely Exploited Vulnerabilities Advisory
Apr 28, 2022 This advisory provides details on the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.
Cloud assessment and authorisation Publication
Jan 18, 2024 This publication is co-designed with industry to support the secure adoption of cloud services across government and industry.
Advisory 2020-017: Resumption of Emotet malware campaign Advisory
Oct 30, 2020 The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has observed the resumption of an ongoing and widespread campaign of malicious emails designed to spread the Emotet malware across a variety of sectors in the Australian economy, including critical infrastructure providers and government agencies.
Antivirus software Guidance
Apr 11, 2023 The consequences of viruses, spyware and other malicious software can be serious and far reaching. Follow our guidance about using antivirus software.
Glossary
List of glossary terms used on cyber.gov.au website
Small Business Cloud Security Guides: Introduction Publication
Dec 16, 2022 Securing your business can be a complex task. Among the numerous security priorities and configuration options, it can be difficult to know where to begin. These guides adapt ASD's ACSC’s Essential Eight mitigation strategies and outline an example of how each can be implemented to secure Microsoft 365 capabilities. The technical examples are designed to offer significant protection against cyber incidents while remaining accessible to organisations with limited resources and cyber security expertise.
The silent heist: cybercriminals use information stealer malware to compromise corporate networks Advisory
Sep 2, 2024 Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.
Small Business Cloud Security Guides: Executive Overview Publication
Dec 16, 2022 In recognition of the increasing prevalence of cloud computing, the Australian Cyber Security Centre (ACSC) has published the Small Business Cloud Security Guides. These guides are designed to provide protection against cyber incidents while remaining accessible to organisations which may not have the resources and expertise to implement a more sophisticated strategy.
ASD's ACSC Annual Cyber Threat Report, July 2021 to June 2022 Reports and statistics
Nov 4, 2022 The Annual Cyber Threat Report is the Australian Signals Directorate’s Australian Cyber Security Centre's (ASD’s ACSC) flagship unclassified publication. The Report provides an overview of key cyber threats impacting Australia, how the ACSC is responding to the threat environment, and crucial advice for Australian individuals and organisations to protect themselves online.
Cloud computing security for tenants Publication
Jan 18, 2024 This publication is designed to assist an organisation’s cybersecurity team, cloud architects and business representatives to jointly perform a risk assessment and use cloud services securely.
Essential Eight explained Publication
Nov 27, 2023 This publication provides an overview of the Essential Eight.
Business Continuity in a Box Guidance
Aug 21, 2024 Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cyber security incident that has affected the availability or trust of existing systems.
Guidelines for software development Advice
Dec 12, 2024 This chapter of the Information security manual (ISM) provides guidance on software development.
Australian organisations encouraged to urgently adopt an enhanced cyber security posture Alert
Mar 28, 2022 Australian organisations are encouraged to urgently adopt an enhanced cyber security posture. Organisations should act now and follow ACSC’s advice to improve their cyber security resilience in light of the heightened threat environment.
Travelling with mobile devices Publication
Mar 26, 2024 Learn how to keep mobile devices secure when travelling. This guidance provides advice from both an individual and organisational perspective.
2022 Top Routinely Exploited Vulnerabilities Advisory
Aug 4, 2023 This advisory provides details on the Common Vulnerabilities and Exposures (CVEs) routinely and frequently exploited by malicious cyber actors in 2022 and the associated Common Weakness Enumeration(s) (CWE).
Essential Eight Assessment Guidance Package News
Nov 23, 2022 The Australian Signals Directorate has published updated guidance to help ensure consistent Essential Eight assessment across government and industry.
Cloud computing security for cloud service providers Publication
Jan 18, 2024 This publication is designed to assist cloud service providers (CSPs) in offering secure cloud services. It can also assist assessors in validating the security posture of a cloud service, which is often verified through an Infosec Registered Assessors Program (IRAP) assessment of the CSP services.
End of support for Microsoft Windows and Microsoft Windows Server Publication
Mar 20, 2024 Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline.
