UK exposes Russian military intelligence hijacking vulnerable routers for cyber attacks
New advisory warns cyber threat group APT28 have exploited vulnerable edge devices to support malicious operations.
NCSC Feed
APT28 exploit routers to enable DNS hijacking operations
1 day 5 hours ago
Russian cyber actor APT28 exploit vulnerable routers to hijack DNS, enabling adversary‑in‑the‑middle attacks and theft of passwords and authentication tokens.
NCSC warns of messaging app targeting
1 week 1 day ago
The NCSC has issued actions for individuals at risk of targeted attacks against messaging apps.
Vulnerability affecting F5 BIG-IP APM
1 week 2 days ago
The NCSC is encouraging UK organisations to mitigate an unauthenticated remote code execution vulnerability affecting F5 BIG-IP Access Policy Manager.
Why cyber defenders need to be ready for frontier AI
1 week 2 days ago
Understanding the threats and staying ahead of the adversary
Vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway
2 weeks ago
UK organisations encouraged to take immediate action to mitigate two recently disclosed vulnerabilities affecting Citrix NetScaler ADC and Citrix NetScaler Gateway.
NCSC CEO: Seize 'disruptive' vibe coding opportunity to make software more secure
2 weeks 1 day ago
Dr Richard Horne delivered a keynote about cyber risks and opportunities at the RSAC Conference in San Francisco
Vibe check: AI may replace SaaS (but not for a while)
2 weeks 1 day ago
If ‘vibe coding’ disrupts the software market like SaaS did 20 years ago, what does this mean for cyber security?
How to secure your online meetings
2 weeks 6 days ago
Advice for small and medium-sized organisations on choosing, setting up and using online meeting services safely.
International security chiefs to convene in Glasgow for flagship CYBERUK conference
3 weeks 6 days ago
CYBERUK will be delivered by the NCSC and sponsors across four distinct tracks of activity: Resilience, Technology, Threat, and Ecosystem.
Alert: NCSC advises UK organisations to take action following conflict in the Middle East
1 month ago
In response to the evolving events in the Middle East, the NCSC is advising that UK organisations review their cyber security posture.
Exploitation of Cisco Catalyst SD-WAN
1 month 1 week ago
Agencies strongly encourage immediate investigation of potential compromise of Cisco Catalyst SD-WAN.
Can you help the NCSC with the next phase of EASM research?
1 month 3 weeks ago
Organisations with experience in external attack surface management can help us shape future ACD 2.0 services.
Improving your response to vulnerability management
1 month 3 weeks ago
How to ensure the ‘organisational memory’ of past vulnerabilities is not lost.
Eradicating trivial vulnerabilities, at scale
2 months ago
A new NCSC research paper aims to reduce the presence of ‘unforgivable’ vulnerabilities.
Thanking the vulnerability research community with NCSC Challenge Coins
2 months ago
Reflecting on the positive impact of the Vulnerability Reporting Service – and introducing something new for selected contributors.
Cloud Security Posture Management: silver bullet or another piece in the cloud puzzle?
2 months ago
CSPM tools are big business. Could they be the answer to your cloud configuration problems?
One small step for Cyber Resilience Test Facilities, one giant leap for technology assurance
2 months 1 week ago
CRTFs are helping organisations to make informed, risk-based decisions on the adoption of technology products.
NCSC issues warning over hacktivist groups disrupting UK organisations and online services
2 months 2 weeks ago
Russian‑aligned hacktivist groups continue to target UK organisations with disruptive cyber attacks
Pro-Russia hacktivist activity continues to target UK organisations
2 months 2 weeks ago
The NCSC encourages local government and critical infrastructure operators to harden their ‘denial of service’ (DoS) defences
Checked
6 hours 16 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed