News

• Posted February 19, 2024
• Technical Advisories
• Cyber Security Alerts

The NCSC would like to draw your attention to two critical zero-day vulnerabilities affecting Microsoft products: CVE-2024-21410 affecting Exchange Server and CVE-2024-21413 affecting Outlook.

• Posted February 15, 2024

Laura, an NCSC analyst, shares insights into her workday – and it’s not what you might think.

• Posted February 09, 2024
• Technical Advisories
• Cyber Security Alerts

The NCSC would like to draw your attention to the vulnerabilities CVE-2024-21762 and CVE-2024-23113 affecting FortiOS SSL VPN. Fortinet is aware of potential exploitation of CVE-2024-21762 in the wild.

• Posted February 08, 2024
• Technical Advisories
• Security Advisories

The National Cyber Security Centre (NCSC) joined international partners to publish a joint cyber security advisory titled, ‘PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure’ alongside supplemental joint guidance titled, ‘Identifying and Mitigating Living Off the Land'.

• Posted January 24, 2024
• Technical Advisories

New Zealand’s National Cyber Security Centre (NCSC) and CERT NZ have issued a joint product in partnership with the Australian Cyber Security Centre and twelve other international cyber security agencies on how to use AI systems securely.

• Posted January 11, 2024
• Technical Advisories
• Cyber Security Alerts

This Cyber Security Alert concerns two zero-day CVEs affecting Ivanti Connect Secure. The NCSC is aware of public reporting of the active exploitation in the wild from early December 2023.