New Sandworm Malware Cyclops Blink Replaces VPNFilter

The Sandworm actor has replaced the exposed VPNFilter malware with a new more advanced framework. | Continue reading

@ncsc.gov.uk | 2 years ago

Log4j vulnerability: what should boards be asking?

Advice for board members of medium to large organisations that are at risk from the Apache Log4j vulnerability. | Continue reading

@ncsc.gov.uk | 2 years ago

National Cybersecurity Centre Annual Review 2021

Making the UK the safest place to live and work online | Continue reading

@ncsc.gov.uk | 2 years ago

Mitigating Malware and Ransomware Attacks

How to defend organisations against malware or ransomware attacks | Continue reading

@ncsc.gov.uk | 2 years ago

The logic behind three random words

Whilst not a password panacea, using 'three random words' is still better than enforcing arbitrary complexity requirements. | Continue reading

@ncsc.gov.uk | 2 years ago

Asset Management for Cyber Security

Help understanding what good asset management looks like from a cyber security perspective and some of the challenges it presents. | Continue reading

@ncsc.gov.uk | 2 years ago

UK-US Joint Update on SVR/APT29/Cozy Bear (Solarwinds)

The NCSC, CISA, FBI and NSA publish advice on detection and mitigation of SVR activity following the attribution of the SolarWinds compromise. | Continue reading

@ncsc.gov.uk | 2 years ago

Defending software build pipelines from malicious attack

Compromise of your software build pipeline can have wide-reaching impact; here's how to tackle the problem. | Continue reading

@ncsc.gov.uk | 3 years ago

Securing the NCSC’s Web Platform

Richard C explains how we considered security when creating the NCSC's web platform | Continue reading

@ncsc.gov.uk | 3 years ago

National Cyber Security Centre Annual Review 2020 [pdf]

Continue reading

@ncsc.gov.uk | 3 years ago

National Cyber Security Centre Review 2020 UK [pdf]

Continue reading

@ncsc.gov.uk | 3 years ago

Decrypting Diversity: Diversity and Inclusion in Cyber Security [pdf]

Continue reading

@ncsc.gov.uk | 3 years ago

APT29 targets Covid-19 vaccine development

Detection and mitigation advice for organisations involved in coronavirus vaccine development targeted with custom malware by APT29. | Continue reading

@ncsc.gov.uk | 3 years ago

Let them paste passwords (2017)

Allow your website to accept pasted passwords - it makes your site more secure, not less. | Continue reading

@ncsc.gov.uk | 3 years ago

High level privacy and security design for NHS Covid-19 contact tracing app

NCSC technical paper about the privacy and security design of the NHS contact tracing app developed to help slow the spread of coronavirus. | Continue reading

@ncsc.gov.uk | 4 years ago

The security behind the NHS contact tracing app

In this blog post, Ian Levy explains how the new NHS COVID-19 app will help us fight the coronavirus while protecting your privacy and security (and not draining your phone battery). | Continue reading

@ncsc.gov.uk | 4 years ago

NHS Covid-19: the new contact-tracing app from the NHS

How a new app, built by the NHS, will help slow the spread of coronavirus whilst protecting your privacy | Continue reading

@ncsc.gov.uk | 4 years ago

Terminology: It's Not Black and White

The NCSC now uses 'allow list' and 'deny list' in place of 'whitelist' and 'blacklist'. Emma W explains why... | Continue reading

@ncsc.gov.uk | 4 years ago

First Full Version of the Cyber Security Body of Knowledge Published – NCSC

Authoritative guide to the foundational knowledge underpinning cyber security. | Continue reading

@ncsc.gov.uk | 4 years ago

Weekly Threat Reports – NCSC

Continue reading

@ncsc.gov.uk | 4 years ago

Russian Turla group used Iranian tools and infrastructure to attack Middle East

Continue reading

@ncsc.gov.uk | 4 years ago

Presumably Russian hacking group Turla exploits Iranian APT tools and servers

Continue reading

@ncsc.gov.uk | 4 years ago

Vulnerabilities exploited in VPN products used worldwide

Continue reading

@ncsc.gov.uk | 4 years ago

National Cyber Centre website security check

Continue reading

@ncsc.gov.uk | 4 years ago

Time to Shed Python 2

Continue reading

@ncsc.gov.uk | 4 years ago

Active Cyber Defence – The Second Year

Continue reading

@ncsc.gov.uk | 4 years ago

Active Cyber Defence (ACD) – The Second Year

Continue reading

@ncsc.gov.uk | 4 years ago

Secure Systems Design Principles

Continue reading

@ncsc.gov.uk | 4 years ago

Security Architecture Anti-Patterns

Continue reading

@ncsc.gov.uk | 4 years ago

The NCSC's first 'UK cyber survey' published alongside global password risk list

Continue reading

@ncsc.gov.uk | 5 years ago

Security, complexity and Huawei; protecting UK's telco networks – NCSC

Continue reading

@ncsc.gov.uk | 5 years ago

Firmware updates on Linux, and using data to influence procurement decisions

Continue reading

@ncsc.gov.uk | 5 years ago

NCSC Contact Validation

Continue reading

@ncsc.gov.uk | 5 years ago

UK government cybersecurity report contains code cracking contest

Making the UK the safest place to live and work online. | Continue reading

@ncsc.gov.uk | 5 years ago

Joint report on publicly available hacking tools

Continue reading

@ncsc.gov.uk | 5 years ago

Reckless campaign of cyber attacks by Russian military intel. service exposed

Continue reading

@ncsc.gov.uk | 5 years ago

Indicators of compromise for malware used by APT28 – NCSC Site

Continue reading

@ncsc.gov.uk | 5 years ago

The leaky pipe of secure coding

Continue reading

@ncsc.gov.uk | 5 years ago

EUD Security Guidance: Ubuntu 18.04 LTS

Continue reading

@ncsc.gov.uk | 5 years ago

Protect your management interfaces

Continue reading

@ncsc.gov.uk | 5 years ago