News

• Posted February 27, 2024
• Cyber Security Alerts
• Technical Advisories

An advisory published by the UK’s National Cyber Security Centre (NCSC UK) details recent tactics, techniques and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes or Cozy Bear.

• Posted February 22, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to two CVEs affecting all versions of ConnectWise ScreenConnect before 23.9.8. The NCSC is aware of open-source reporting of active exploitation and a proof of concept.

• Posted February 19, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to two critical zero-day vulnerabilities affecting Microsoft products: CVE-2024-21410 affecting Exchange Server and CVE-2024-21413 affecting Outlook.

• Posted February 15, 2024

Laura, an NCSC analyst, shares insights into her workday – and it’s not what you might think.

• Posted February 09, 2024
• Cyber Security Alerts
• Technical Advisories

The NCSC would like to draw your attention to the vulnerabilities CVE-2024-21762 and CVE-2024-23113 affecting FortiOS SSL VPN. Fortinet is aware of potential exploitation of CVE-2024-21762 in the wild.

• Posted February 08, 2024
• Security Advisories
• Technical Advisories

The National Cyber Security Centre (NCSC) joined international partners to publish a joint cyber security advisory titled, ‘PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure’ alongside supplemental joint guidance titled, ‘Identifying and Mitigating Living Off the Land'.