Serviceteam IT Security News

Reported Critical Vulnerabilities In Microsoft Software On the Rise

Avecto researchers say removing admin rights from users would mitigate many of the...
Serviceteam IT Security News

Word-based Malware Attack Doesn’t Use Macros

Malicious e-mail attachments used in this campaign don’t display any warnings when opened...
Serviceteam IT Security News

Venerable Unicode Technique Used to Deliver Cryptomining Malware Through Telegram

It's just the latest reported vulnerability for the secure messaging application. ...
Serviceteam IT Security News

Two Nasty Outlook Bugs Fixed in Microsoft’s Feb. Patch Tuesday Update

One of the bugs could allow a successful attack simply by a user...
Serviceteam IT Security News

Home user guidance to manage processor vulnerabilities ‘Meltdown’ and ‘Spectre’

What are Meltdown/Spectre? ‘Meltdown' and 'Spectre' are two security flaws affecting microprocessors. Actions...
Serviceteam IT Security News

'Meltdown' and 'Spectre' guidance

What are Meltdown/Spectre? 'Meltdown' and 'Spectre' are two related, side-channel attacks against modern...
Serviceteam IT Security News

Romance Scams Drive Necurs Botnet Activity in Run Up to Valentine’s Day

Emails try to get recipients to share revealing photos of themselves so scammers...
Serviceteam IT Security News

‘Olympic Destroyer’ Malware Behind Winter Olympics Cyberattack, Researchers Say

The malware's sole purpose was to take down systems, not steal data, Cisco...
Serviceteam IT Security News

4,500 young women race to complete CyberFirst Girls online challenge

We have been blown away by the fantastic response to this year’s CyberFirst Girls...
Serviceteam IT Security News

U.K. and U.S. Government Websites Among Thousands Infected by Cryptocurrency Miner

The attack could have been averted through a technique called subresource integrity, according...
Serviceteam IT Security News

Lenovo Warns Critical WiFi Vulnerability Impacts Dozens of ThinkPad Models

Lenovo issued a security bulletin Friday warning customers of two previously disclosed critical...
Serviceteam IT Security News

Cisco Confirms Critical Firewall Software Bug Is Under Attack

Cisco has issued patches for the vulnerability, which could be up to seven...
Serviceteam IT Security News

Introducing the Mitigating Malware and Preventing Lateral Movement Guidance

Last year, following the global WannaCry incident in May 2017, the NCSC published...
Serviceteam IT Security News

Apple Downplays Impact of iBoot Source Code Leak

Apple said the leak of its iBoot source code will have little...
Serviceteam IT Security News

Insurance Customers’ Personal Data Exposed Due to Misconfigured NAS Server

The vulnerability also exposed login credentials for a massive national insurance claims database,...
Serviceteam IT Security News

Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say

Researchers have identified a new ransomware strain that went undetected by built-in malware...
Serviceteam IT Security News

Introducing new guidance on Virtual Private Networks (VPNs)

To help you decide on your approach to using a VPN for remote access, we have just released our new VPN guidance. We know many of you struggle with the multitude of configuration options and products available when making decisions on VPN…
Serviceteam IT Security News

Hotspot Shield Vulnerability Could Reveal ‘Juicy’ Info About Users, Researcher Claims

Hotspot Shield has been downloaded more than 500 million times, according to its...
Serviceteam IT Security News

Cisco Issues New Patches for Critical Firewall Software Vulnerability

The vulnerability has a CVSS base score of 10.0, the highest possible, and...
Serviceteam IT Security News

Announcing the NCSC’s new Phishing Guidance

I'm delighted to announce the publication today of our new guidance, Phishing Attacks: Defending...
Serviceteam IT Security News

Research into dealing with weak domain passwords

Update We are no longer looking for participants for this study, but we...
Serviceteam IT Security News

Active Cyber Defence – one year on

In November 2016, just after the NCSC formally came into existence, and as...
Serviceteam IT Security News

JenX Botnet Has Grand Theft Auto Hook

A GTA hosting site is offering powerful DDoS attacks for $20 a pop,...
Serviceteam IT Security News

New Western Digital My Cloud Bugs Give Local Attackers Root on NAS Devices

Two new WD My Cloud vulnerabilities have been identified, adding to last month’s...
Serviceteam IT Security News

Crypto Miners May Be the ‘New Payload of Choice’ for Attackers

Crypto mining botnets provide a stealthy way to generate big bucks, without the...
Serviceteam IT Security News

Massive Smominru Cryptocurrency Botnet Rakes In Millions

Researchers say Smominru threat actors are in control of 500,000 node botnet and...
Serviceteam IT Security News

Updating our Factory Reset Guidance

We’ve just published new End User Devices Factory Reset Guidance on our website. We hope...
Serviceteam IT Security News

Cisco Patches Critical VPN Vulnerability

Cisco Systems released a patch Monday to fix a critical security vulnerability, with...
Serviceteam IT Security News

NCSC IT: How the NCSC built its own IT system

“When are you going to share the design of the NCSC IT system?”...
Serviceteam IT Security News

D1. Response and recovery planning

Principle There are well-defined and tested incident management processes in place, that aim...