Using secure messaging, voice and collaboration apps
Using secure messaging, voice and collaboration apps With 'hybrid working' (a combination of working from home and the office) now...
Why vulnerabilities are like buses
Why vulnerabilities are like buses There's an old saying that you wait ages for a bus, and then several come...
Log4j vulnerability: what should boards be asking?
Log4j vulnerability: what should boards be asking? The Log4Shell critical vulnerability in the widely used logging tool Log4j has caused concern...
Cyber Security in the Built Environment – considering security throughout a buildings lifecycle
Cyber Security in the Built Environment - considering security throughout a buildings lifecycle A building being designed today is, as...
‘Transaction monitoring’ & ‘Building and operating a secure online service’ guidance published
'Transaction monitoring' & 'Building and operating a secure online service' guidance published If you're responsible for the designing and running...
The Technology Assurance principles
The Technology Assurance principles In this blog post I want to introduce a new family of principles, the Technology Assurance...
Zero Trust migration: where do I start?
Zero Trust migration: where do I start? Following our ‘Zero Trust: is it right for me?' blog, this second installment...
The Cyber Assessment Framework 3.1
The Cyber Assessment Framework 3.1 This latest version of the Cyber Assessment Framework (CAF), 3.1, supports the CAF's core users -...
ACD the 5th Year: report now available to download
ACD the 5th Year: report now available to download The aim of the NCSC's Active Cyber Defence (ACD) programme is...
Mythbusting cloud key management services
Mythbusting cloud key management services The NCSC’s recently-updated cloud security guidance includes a new section on how to configure and...
Avoiding crisis mismanagement
Avoiding crisis mismanagement Every day, an eclectic range of cyber attacks take place across the UK. No two attacks are...
Relaunching the NCSC’s Cloud security guidance collection
Relaunching the NCSC's Cloud security guidance collection This week we have launched the updated NCSC’s cloud security guidance. It’s more...
New SOC guidance 101
New SOC guidance 101 Security operations centres (or SOCs) are notoriously difficult to design, build and operate. But they're also...
Introducing our new machine learning security principles
Introducing our new machine learning security principles Artificial intelligence (AI) and machine learning (ML) systems are increasingly used in every...
The security benefits of modern collaboration in the cloud
The security benefits of modern collaboration in the cloud When using cloud services, it is important to balance the need...
Protect your customers to protect your brand
Protect your customers to protect your brand We're pleased to publish a brace of documents that will help organisations to...
Supply chain cyber security: new guidance from the NCSC
Supply chain cyber security: new guidance from the NCSC Many of us rely on suppliers to deliver products, systems, and...
Securing the cloud (by design *and* by default)
Securing the cloud (by design *and* by default) In any conversation about cloud security, it won’t take long before someone...
Daily Vulnerability Trends: Thu Oct 27 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41352An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An...
British hacker arraigned for running The Real Deal dark web marketplace
A popular British hacker was charged by the U.S. authorities for allegedly running the ‘The Real Deal’ dark web marketplace....
Malware Analysis – wannacry – e5253585af59f9701f1a788ae87b9e73
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: e5253585af59f9701f1a788ae87b9e73SHA1: e1b192fbbde83210802b354dcef2c37aaa180ee2ANALYSIS DATE: 2022-10-27T02:40:21ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – ransomware – f52a0fd36a878077caa1859e9806d4ec
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: f52a0fd36a878077caa1859e9806d4ecSHA1: 3e6ea7b92af7d1b14731ff301d9222c90f4db5d0ANALYSIS DATE: 2022-10-27T03:00:19ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 5a6ec6e5d23e253236c446cfa5154f7b
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 5a6ec6e5d23e253236c446cfa5154f7bSHA1: 9a9188815add862d081f6f5f18c6de4b08ecb6c7ANALYSIS DATE: 2022-10-27T03:00:26ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – e77ea49d5fbad2932349f52935769e49
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: e77ea49d5fbad2932349f52935769e49SHA1: af147f64e589ddc73f470caad6806618a0c34902ANALYSIS DATE: 2022-10-27T03:00:47ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
