Latest Cybersecurity News and Articles
12 March 2025
The NCSC, CISA, FBI and NSA publish advice on detection and mitigation of SVR activity following the attribution of the SolarWinds compromise.
12 March 2025
A joint advisory with international partners on the Iranian actor MuddyWater.
12 March 2025
A joint advisory with international partners highlights an Iranian APT exploiting Microsoft Exchange and Fortinet vulnerabilities
12 March 2025
The NCSC and international partners observe an increase in sophisticated, high-impact ransomware incidents against critical infrastructure organisations.
12 March 2025
Dragos case study reveals that Volt Typhoon hacked the US electric grid and stole information on OT systems.
The post China’s Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days appeared first on SecurityWeek.
12 March 2025
Fortinet has published 17 new advisories to inform customers about 18 vulnerabilities patched in its products.
The post Fortinet Patches 18 Vulnerabilities appeared first on SecurityWeek.
12 March 2025
The UK government's CYBERUK 2022 event takes place 10-11 May at the ICC Wales.
12 March 2025
This advisory highlights the sustained risk to UK companies involved as well as providing further details on the activity and guidance for any organisations affected.
12 March 2025
Cybercriminals don’t just demand money, they go after details like Social Security numbers, birth dates, and banking information to fuel future fraud.
12 March 2025
The Trump administration has cut millions of dollars in federal funding from two cybersecurity initiatives, including one dedicated to helping state and local election officials.
The post Trump Administration Halts Funding for Two Cybersecurity Efforts, Including One for Elections appeared first on SecurityWeek.
12 March 2025
New guidance to support UK construction projects has been jointly published between the NCSC, CPNI and BEIS.
12 March 2025
The Institution of Engineering and Technology has published a Code of Practice with the support of the NCSC.
12 March 2025
New guidance from the NCSC and the Centre for the Protection of National Infrastructure (CPNI) to help fledgling technical companies consider key questions around security.
12 March 2025
APTs are exploiting vulnerabilities in several VPN products used worldwide
12 March 2025
Microsoft Windows Netlogon vulnerability is being actively exploited and organisations should install necessary updates as soon as is practicable.
12 March 2025
A joint NCSC and CISA alert detailing the legacy risk of the malware Qsnatch to QNAP NAS devices
12 March 2025
Microsoft on Tuesday patched a zero-day vulnerability in the Windows Win32 kernel that has been exploited since March 2023.
The post Newly Patched Windows Zero-Day Exploited for Two Years appeared first on SecurityWeek.
12 March 2025
Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms.
"At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts," the company said, adding it observed the activity on March 9, 2025.
The countries which
12 March 2025
Hackers used compromised credentials to access PowerSchool’s PowerSource portal months before the December 2024 data breach.
The post PowerSchool Portal Compromised Months Before Massive Data Breach appeared first on SecurityWeek.
12 March 2025
How hyper agenda-driven threat actors, cybercriminals, and nation-states integrate digital, narrative, and physical attacks to target organizations through their executives.
The post Webinar Today: Protecting Executives and Enterprises from Digital, Narrative and Physical Attacks appeared first on SecurityWeek.