You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 1 - 30 of 271 results.
Easy steps to secure yourself online Guidance
Apr 7, 2021 - Reduce the risk of being targeted by cybercriminals by following these easy steps.
Personal cybersecurity: Next steps guide Guidance
Jun 16, 2023 - The second of three cybersecurity guides in the pesonal cybersecurity series is designed to help everyday Australians understand a moderate level of cybersecurity and how to take action to protect themselves from cyberthreats.
Personal cybersecurity: Advanced steps guide Guidance
Mar 23, 2023 - The third and final cybersecurity guide in the personal cybersecurity series is designed to help everyday Australians understand an advanced level of cybersecurity and how to take action to protect themselves from cyberthreats.
Personal cybersecurity: First steps guide Guidance
Apr 14, 2023 - The first of three cybersecurity guides in the personal cybersecurity series is designed to help everyday Australians understand a basic level of cybersecurity and how to take action to protect themselves from cyberthreats.
Next.js authentication bypass vulnerability (CVE-2025-29927) Alert
Mar 25, 2025 - An authentication bypass in the middleware layer of Next.js can allow a remote attacker to bypass security checks. Customers should update to the patched version immediately.
Secure by Design
Jul 22, 2024 - Secure by Design is a proactive, security-focused approach to the development of digital products and services that necessitates a strategic alignment of an organisation’s cybersecurity goals. Secure by Design requires cyberthreats to be considered from the outset to enable mitigations through thoughtful design, architecture and security measures. Its core value is to protect consumer privacy and data through designing, building, and delivering products with fewer vulnerabilities.
Secure by Demand Publication
Jan 14, 2025 - This Secure by Demand guide, authored by CISA with contributions from the following partners, describes how OT owners and operators should integrate security into their procurement process when purchasing industrial automation and control systems as well as other OT products.
Secure by Design foundations Publication
Jul 30, 2024 - ASD’s ACSC's Secure by Design foundations represent a first step in a new approach to assist technology manufacturers and customers to adopt Secure by Design. While the foundations are primarily designed to foster discussion within technology manufacturers on how to best approach Secure by Design, they contain relevant information and actions for technology customers.
FortiOS & FortiProxy - Authentication bypass in Node.js websocket module vulnerability Alert
Jan 15, 2025 - Fortinet has released information regarding an identified vulnerability in FortiOS version 7.0 and FortiProxy versions 7.0 and 7.2 instances. ASD’s ACSC recommends customers follow the advice contained in Fortinet’s notification.
New Secure by Demand guidance available for operational technology owners and operators News
Jan 14, 2025 - To protect your systems from threat actors targeting your operational technology components, select products from manufacturers who are Secure-by-Design. Find out which security elements to prioritise.
Secure-by-Design Foundations News
Jul 31, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) has released updated guidance to help technology manufacturers and those who use their digital product or service to adopt secure-by-design principles.
IoT Secure by Design guidance for manufacturers Publication
Sep 21, 2023 - This guidance has been produced for manufacturers in order to help them implement thirteen Secure by Design principles.
Seeking industry feedback on new ASD Foundations for Secure-by-Design News
Nov 2, 2023 - Have your say on how Secure-by-Design practices should look.
New Secure-by-Design publication about memory safety released News
Jun 27, 2024 - Today, we jointly released a new Secure-by-Design publication, Exploring Memory Safety in Critical Open Source Projects, co-authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Canadian Centre for Cyber Security (CCCS).
Ivanti Sentry Authentication Bypass Vulnerability Alert
Aug 22, 2023 - An authentication bypass vulnerability (CVE-2023-38035) has been identified that allows unauthorised access to sensitive APIs which can be used to set configuration parameters on the administrator portal (MICS).
2019-126: Vulnerable version of Telerik UI being actively exploited by APT actor Alert
May 22, 2020 - The Australian Cyber Security Centre (ACSC) has become aware that Advanced Persistent Threat (APT) actors have been scanning for and attempting exploitation against unpatched versions of Telerik UI for ASP.NET AJAX using publicly available exploits. Successful exploitation could allow an attacker to upload files to the vulnerable server to facilitate further compromise.
New Secure-by-Design publication released in collaboration with international partners News
May 15, 2024 - Today, the Australian Signals Directorate has released a new Secure-by-Design advisory, Choosing Secure and Verifiable Technologies, developed and co-sealed with our Five Eyes partners.
Advice for Malicious Cyber Activity by Iran News
Sep 15, 2022 - Australian organisations are urged to be alert to continued malicious cyber activity conducted by Advanced Persistent Threat (APT) actors, assessed to be affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).
773M accounts affected by 'Collection #1' breach Alert
Mar 15, 2019 - The Australian Cyber Security Centre (ACSC) is aware of a significant data breach affecting 773 million email addresses and usernames.
Processors can be exploited by Meltdown and Spectre vulnerabilities Alert
Jan 29, 2020 - Security researchers have developed methods involving speculative execution to read kernel memory from user space on a variety of processors from a range of vendors produced in the last decade. These methods have been referred to as Meltdown and Spectre.
Recommendations to protect 773M accounts affected by 'Collection #1' breach Advisory
Mar 15, 2019 - This advisory provides recommendations for protecting 773M accounts affected by 'Collection #1' breach.
Critical vulnerability in ManageEngine ADSelfService Plus exploited by cyber actors Alert
Sep 24, 2021 - A vulnerability exists in certain versions of ManageEngine ADSelfService Plus. A cyber actor could exploit this vulnerability to execute arbitrary code, potentially enabling the actor to take control of the vulnerable host. Affected Australian organisations should apply the available security update.
Advisory 2020-004: Remote code execution vulnerability being actively exploited in vulnerable versions of Telerik UI by sophisticated actors Advisory
May 22, 2020 - This advisory is focused around the targeting of CVE-2019-18935 but has significant overlap to the previously released ACSC 2019-126 advisory.
Routers targeted: Cisco Smart Install feature continues to be targeted by Russian state-sponsored actors Alert
Apr 17, 2018 - Russian state-sponsored actors are responsible for activity targeting Cisco devices using the Smart Install feature worldwide, including Australia.
Seniors
Jun 23, 2023 - This guide provides some simple steps and resources to protect your personal information, accounts and life savings when going online.
Small business
Jun 15, 2023 - Basic steps to protect your business and staff from cyberthreats. Our guide has information and resources to help you and your staff prepare for cyberattacks.
Turn on multi-factor authentication
Nov 9, 2022 - Protect your important accounts with extra login steps.
Report and recover
Respond to cyberthreats and take steps to protect yourself from further harm.
Report and recover from business email compromise Guidance
Jul 14, 2023 - Step-by-step guidance on how to respond to and recover from email compromise and impersonation attempts.
Protect yourself online: A guide to cybersecurity for young people Guidance
May 2, 2024 - The steps in this guide can help you navigate the online world with confidence.
