News

• Posted February 27, 2024
• Technical Advisories
• Cyber Security Alerts

An advisory published by the UK’s National Cyber Security Centre (NCSC UK) details recent tactics, techniques and procedures (TTPs) of the group commonly known as APT29, also known as Midnight Blizzard, the Dukes or Cozy Bear.

• Posted February 22, 2024
• Technical Advisories
• Cyber Security Alerts

The NCSC would like to draw your attention to two CVEs affecting all versions of ConnectWise ScreenConnect before 23.9.8. The NCSC is aware of open-source reporting of active exploitation and a proof of concept.

• Posted February 19, 2024
• Technical Advisories
• Cyber Security Alerts

The NCSC would like to draw your attention to two critical zero-day vulnerabilities affecting Microsoft products: CVE-2024-21410 affecting Exchange Server and CVE-2024-21413 affecting Outlook.

• Posted February 09, 2024
• Technical Advisories
• Cyber Security Alerts

The NCSC would like to draw your attention to the vulnerabilities CVE-2024-21762 and CVE-2024-23113 affecting FortiOS SSL VPN. Fortinet is aware of potential exploitation of CVE-2024-21762 in the wild.

• Posted February 08, 2024
• Technical Advisories
• Security Advisories

The National Cyber Security Centre (NCSC) joined international partners to publish a joint cyber security advisory titled, ‘PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure’ alongside supplemental joint guidance titled, ‘Identifying and Mitigating Living Off the Land'.

• Posted January 24, 2024
• Technical Advisories

New Zealand’s National Cyber Security Centre (NCSC) and CERT NZ have issued a joint product in partnership with the Australian Cyber Security Centre and twelve other international cyber security agencies on how to use AI systems securely.