News

• Posted February 09, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to the vulnerabilities CVE-2024-21762 and CVE-2024-23113 affecting FortiOS SSL VPN. Fortinet is aware of potential exploitation of CVE-2024-21762 in the wild.

• Posted February 08, 2024
• Security Advisories
• Technical Advisories

The National Cyber Security Centre (NCSC) joined international partners to publish a joint cyber security advisory titled, ‘PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure’ alongside supplemental joint guidance titled, ‘Identifying and Mitigating Living Off the Land'.

• Posted January 24, 2024
• Technical Advisories

New Zealand’s National Cyber Security Centre (NCSC) and CERT NZ have issued a joint product in partnership with the Australian Cyber Security Centre and twelve other international cyber security agencies on how to use AI systems securely.

• Posted January 11, 2024
• Cyber Security Alerts
• Technical Advisories

This Cyber Security Alert concerns two zero-day CVEs affecting Ivanti Connect Secure. The NCSC is aware of public reporting of the active exploitation in the wild from early December 2023.

• Posted December 18, 2023

Lisa Fong, Deputy Director-General GCSB and head of the NCSC, recently spoke at the New Zealand Internet Task Force 2023 Conference, where she discussed the past year and shared some insights into the future of the NCSC.

• Posted December 15, 2023
• Cyber Security Alerts
• Technical Advisories

This Cyber Security Alert concerns a CVE affecting Apache Struts 2. The NCSC is aware of public reporting of the active exploitation and a proof of concept.