You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying results for Displaying 241 - 260 of 260 results.
Security Configuration Guide – Samsung Galaxy S10, S20 and Note 20 Devices Publication
Oct 6, 2021 ASD has developed this guide to assist Australian’s to understand risks when deploying Samsung Galaxy and Samsung Note devices and the security requirements that need to be met to allow them to handle classified data.
Iranian cyber actors’ brute force and credential access activity compromises critical infrastructure Advisory
Oct 17, 2024 The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn network defenders on Iranian cyber actors’ compromising, frequently using brute force attacks, organizations across multiple critical infrastructure sectors, including the healthcare and public health (HPH), government, information technology, engineering, and energy sectors. The actors likely aim to obtain credentials and information describing the victim’s network that can then be sold to enable access to cybercriminals.
Shifting the Balance of Cybersecurity Risk Publication
Oct 17, 2023 The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the following international partners provide the recommendations in this guide as a roadmap for technology manufacturers to ensure security of their products.
Gateway Security Guidance Package: Gateway Technology Guides Publication
Jul 29, 2022 This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.
Secure Your Website Guidance
Jul 29, 2024 Small business account for over 95% of all businesses in Australia and 72% of them have a website. However, in a world in which websites are increasingly being targeted by cyber criminals, only 36% check for updates every week. For those small businesses with a website, or that are considering one, these three quick wins will help you protect your money, data and reputation.
Guidelines for procurement and outsourcing Advice
Dec 12, 2024 This chapter of the Information security manual (ISM) provides guidance on procurement and outsourcing activities.
2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat) Advisory
Apr 14, 2022 ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.
Hardening Microsoft Windows 10 and Windows 11 Workstations Publication
Jul 16, 2024 This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10 and Windows 11. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2 and Windows 11 version 23H2.
PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure Advisory
Feb 8, 2024 The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.
Review your email account security Guidance
Apr 11, 2023 How to check your email account security for Gmail and Outlook.
Cyber Security Incident Response Planning: Practitioner Guidance Publication
Dec 12, 2024 ASD defines a cyber security incident as an unwanted or unexpected cyber security event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.
Secure by Demand Publication
Jan 14, 2025 This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.
Engaging with Artificial Intelligence Publication
Jan 24, 2024 The purpose of this paper is to provide organisations with guidance on how to use Artificial Intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cyber security mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.
Detecting and mitigating Active Directory compromises Publication
Jan 22, 2025 This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.
Principles of operational technology cyber security Publication
Oct 2, 2024 Critical infrastructure organisations provide vital services, including supplying clean water, energy, and transportation, to the public. These organisations rely on operational technology (OT) to control and manage the physical equipment and processes that provide these critical services. As such, the continuity of vital services relies on critical infrastructure organisations ensuring the cybersecurity and safety of their OT.
The Commonwealth Cyber Security Posture in 2023 Reports and statistics
Nov 16, 2023 The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.
The Commonwealth Cyber Security Posture in 2022 Reports and statistics
Dec 16, 2022 The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cyber security measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).
Choosing secure and verifiable technologies Publication
Dec 5, 2024 The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and international partners have provided recommendations in this guide as a roadmap for choosing secure and verifiable technologies.
#StopRansomware: BianLian Ransomware Group Advisory
Nov 21, 2024 The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to disseminate known BianLian ransomware and data extortion group IOCs and TTPs identified through FBI and ASD's ACSC investigations as of March 2023.
Strategies to Mitigate Cyber Security Incidents – Mitigation Details Publication
Feb 1, 2017 The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help cyber security professionals in all organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.
