Search

Mitigation strategies for edge devices: Practitioner guidance   Publication

Feb 4, 2025 - This publication expands on Mitigation strategies for edge devices: executive guidance. It provides IT practitioners with a list of mitigation strategies for the most common types of edge devices and appliances across enterprise networks and large organisations.

Malicious insiders   Threat

Jun 23, 2020 - Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems. It does not include well-meaning staff who accidentally put your cybersecurity at risk or spill data.

PRC state-sponsored actors compromise and maintain persistent access to U.S. critical infrastructure   Advisory

Feb 8, 2024 - The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

Types of scams   Guidance

Learn about the common types of scams, how to identify them and how to recover from them.

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns   Advisory

Dec 8, 2023 - The Russia-based actor is targeting organisations and individuals in the UK and other geographical areas of interest.

Hunting Russian Intelligence “Snake” Malware   Advisory

May 10, 2023 - This Cybersecurity Advisory (CSA) provides background on Snake’s attribution to the FSB and detailed technical descriptions of the implant’s host architecture and network communications.

Marketing and filtering email service providers   Publication

Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.

Understanding Ransomware Threat Actors: LockBit   Advisory

May 8, 2024 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) alongside international partners have released a joint advisory on the ransomware variant LockBit. It functions as an affiliate-based Ransomware-as-a-Service (RaaS) model where affiliates are recruited to conduct ransomware attacks using LockBit ransomware tools and infrastructure.

Choosing secure and verifiable technologies: Executive guidance   Publication

Dec 5, 2024 - This guide supports senior leaders to enable their organisations to understand their threat environment and make better-informed assessments and decisions to procure secure technologies.

Gateway security guidance package: Gateway operations and management   Publication

Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.

Recognise and report scams  

Feb 1, 2023 - Scams are a common way that cybercriminals compromise accounts. Being alert to scam messages is a great way to protect yourself online.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities   Advisory

Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.

While you are shopping   Guidance

The best way to avoid being a victim of cybercrime is to be informed. It is really important to know how to secure your device and recognise a fake website or scammer.

The silent heist: cybercriminals use information stealer malware to compromise corporate networks   Advisory

Sep 2, 2024 - Information stealer malware steals user login credentials and system information that cyber threat actors exploit, predominantly for monetary gain. Information stealers have been observed in attacks against multiple organisations and sectors worldwide, including Australia. This advisory provides readers with cyber security guidance on information stealers, including threat activity and mitigation advice for individuals and organisations.

Threat update: COVID-19 malicious cyber activity 20 April 2020   Advisory

Apr 20, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) continues to receive reports from individuals, businesses and government departments about a range of different COVID-19 themed scams, online frauds and phishing campaigns. This threat update is about raising awareness of the evolving nature of COVID-19 related malicious cyber activity impacting Australians.

How to combat fake emails   Publication

Oct 6, 2021 - Organisations can reduce the likelihood of their domains being used to support fake emails by implementing Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records in their Domain Name System (DNS) configuration. Using DMARC with DomainKeys Identified Mail (DKIM) to sign emails provides further safety against fake emails. Likewise, organisations can better protect their users against fake emails by ensuring their email systems use and apply SPF, DKIM and DMARC policies on inbound email.

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

2022-004: ASD's ACSC Ransomware Profile – ALPHV (aka BlackCat)   Advisory

Apr 14, 2022 - ALPHV (aka BlackCat, Noberus) is a ransomware variant first observed in late 2021, used by cybercriminals to conduct ransomware attacks against multiple sectors and organisations worldwide, including Australia.

日本語 (Japanese)   Guidance

Apr 19, 2024 - The information and resources available are intended to increase your safety online and have been translated into Japanese.

हिंदी (Hindi)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Hindi.

Hrvatski (Croatian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Croation.

Bahasa Indonesia (Indonesian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Indonesian.

македонски (Macedonian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Macedonian.

Malti (Maltese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Maltese.

中文简体 (Simplified Chinese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Chinese Simplified.

Tiếng Việt (Vietnamese)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Vietnamese.

Italiano (Italian)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Italian.

한국어 (Korean)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Korean.

Español (Spanish)   Guidance

Aug 17, 2023 - The information and resources available are intended to increase your safety online and have been translated into Spanish.