#NCSC

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

by

June 12, 2024 at 05:15AM China-backed threat actors accessed 20,000 Fortinet FortiGate systems globally by exploiting a critical vulnerability, with the operation impacting Western governments, international organizations, and defense companies. The attackers deployed a backdoor to maintain remote access and spread malware, highlighting the increasing trend of targeting edge devices for cyber attacks. For more … Read more

Qilin ransomware gang linked to attack on London hospitals

by

June 5, 2024 at 02:00PM Cyber criminals from the Qilin ransomware operation have targeted pathology services provider Synnovis, impacting several major NHS hospitals in London. The attack has caused disruptions to primary healthcare services and led to the postponement and cancellation of non-emergency appointments and surgeries. The group is known for double-extortion attacks, demanding ransom … Read more

British Library’s candid ransomware comms driven by ’emotional intelligence’

by

May 20, 2024 at 05:45AM The British Library CEO Roly Keating emphasized the importance of emotional intelligence in managing the response to a ransomware attack. The organization prioritized frequent and empathetic communication as it navigated the recovery process, including openly sharing a detailed analysis of the incident. Cross-sector collaboration was also crucial to the library’s … Read more

Norway recommends replacing SSL VPN to prevent breaches

by

May 16, 2024 at 03:08PM The Norwegian NCSC advises replacing SSLVPN/WebVPN with more secure options due to repeated vulnerabilities exploitation in network devices. The transition deadline is 2025, with critical infrastructure entities expected to switch by the end of 2024. The recommended alternative is IPsec with IKEv2, aiming to decrease the attack surface for secure … Read more

Stifling Beijing in cyberspace is now British intelligence’s number-one mission

by

May 16, 2024 at 10:49AM The annual CYBERUK conference, hosted by the National Cyber Security Centre, focused on the theme “Future Tech, Future Threat, Future Ready”. While discussions addressed the future of security technology and Russian and Chinese cyber threats, the urgency for cyber resilience and collaboration was emphasized as a critical strategy to counter … Read more

NCSC CTO: Broken market must be fixed to usher in new tech

by

May 16, 2024 at 05:42AM NCSC CTO Ollie Whitehouse spoke at CYBERUK, criticizing the tech market for contributing to cybersecurity issues. He highlighted the increase in vulnerabilities, emphasized the need to address technical debt, and advocated for holding vendors accountable for security failings. He urged for reform in the market and emphasized the importance of … Read more

What to do in the age of the critical breach

by

April 25, 2024 at 05:19AM In March 2024, the UK government faced criticism for its response to cyber-espionage attacks by group APT31. The National Cyber Security Centre reported inadequate resilience in critical infrastructure. The upcoming webinar by Tim Phillips and Rubrik CISO Richard Cassidy will address cyber security threats and recovery strategies for organizations. Sign … Read more

Leicester streetlights take ransomware attack personally, shine on 24/7

by

April 23, 2024 at 07:13AM Leicester City Council experienced a ransomware attack causing residential streetlights to stay on continuously, disrupting daily life. The cyberattack led to system shutdowns and data theft, making the council reluctant to pay the ransom. The 1.3 TB data breach prompted close cooperation with law enforcement and data breach notifications to … Read more

NCSC Says Newer Threats Need Network Defense Strategy

by

April 19, 2024 at 12:36PM The NCSC warns that network defense strategies must adapt to newer threats, as attackers exploit vulnerabilities in network perimeter products like firewalls and VPNs. They suggest demanding security evidence from vendors, avoiding unverified products, reducing risk in self-hosted solutions, ensuring developer accountability, and adopting a cloud-first approach to security, emphasizing … Read more

Ransomware gang did steal residents’ confidential data, UK city council admits

by

April 4, 2024 at 06:56AM Leicester City Council confirms a ransomware attack where data was stolen and leaked, impacting residents with exposed personal information. The council is working with authorities to investigate, while residents are advised to remain vigilant. They have restored many services and shared their efforts to address the situation. Similar attacks have … Read more