News - Serviceteam IT

Insurance Customers’ Personal Data Exposed Due to Misconfigured NAS Server

The vulnerability also exposed login credentials for a massive national insurance claims database,...

Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say

Researchers have identified a new ransomware strain that went undetected by built-in malware...

Introducing new guidance on Virtual Private Networks (VPNs)

To help you decide on your approach to using a VPN for remote access, we have just released our new VPN guidance. We know many of you struggle with the multitude of configuration options and products available when making decisions on VPN…

Hotspot Shield Vulnerability Could Reveal ‘Juicy’ Info About Users, Researcher Claims

Hotspot Shield has been downloaded more than 500 million times, according to its...

Cisco Issues New Patches for Critical Firewall Software Vulnerability

The vulnerability has a CVSS base score of 10.0, the highest possible, and...

Announcing the NCSC’s new Phishing Guidance

I'm delighted to announce the publication today of our new guidance, Phishing Attacks: Defending...

Research into dealing with weak domain passwords

Update We are no longer looking for participants for this study, but we...

Active Cyber Defence – one year on

In November 2016, just after the NCSC formally came into existence, and as...

JenX Botnet Has Grand Theft Auto Hook

A GTA hosting site is offering powerful DDoS attacks for $20 a pop,...

New Western Digital My Cloud Bugs Give Local Attackers Root on NAS Devices

Two new WD My Cloud vulnerabilities have been identified, adding to last month’s...

Crypto Miners May Be the ‘New Payload of Choice’ for Attackers

Crypto mining botnets provide a stealthy way to generate big bucks, without the...

Massive Smominru Cryptocurrency Botnet Rakes In Millions

Researchers say Smominru threat actors are in control of 500,000 node botnet and...

Updating our Factory Reset Guidance

We’ve just published new End User Devices Factory Reset Guidance on our website. We hope...

Cisco Patches Critical VPN Vulnerability

Cisco Systems released a patch Monday to fix a critical security vulnerability, with...

NCSC IT: How the NCSC built its own IT system

“When are you going to share the design of the NCSC IT system?”...

Supply chain security collection

Proposing a series of 12 principles, designed to help you establish effective control and...

III. Check your arrangements

10. Build assurance activities into your supply chain management Require those suppliers who...

Objective A. Managing security risk

Principles under this Objective A1. Governance Putting in place the policies and processes...

IV. Continuous improvement

11. Encourage the continuous improvement of security within your supply chain Encourage your...

B1. Service protection policies and processes

Principle The organisation defines, implements, communicates and enforces appropriate policies and processes that...

Introduction to the NIS Directive

General Introduction What does the NIS Directive cover and when will it...

D1. Response and recovery planning

Principle There are well-defined and tested incident management processes in place, that aim...

A4. Supply chain

Principle The organisation understands and manages security risks to networks and information systems...

Supply chain security: 12 Principles infographic

This guidance has been produced to help organisations gain and maintain control of...

D2. Lessons learned

Principle When an incident occurs, steps must be taken to understand its root...

Assessing supply chain management practice

Good Bad Develop partnerships with your suppliers. If your suppliers adopt your approach...

B5. Resilient networks and systems

Principle The organisation builds resilience against cyber-attack and system failure into the design,...

I. Understand the risks

Until you have a clear picture of you supply chain, it will be...

A3. Asset management

Principle Everything required to deliver, maintain or support networks and information systems for...

A2. Risk management

Principle The organisation takes appropriate steps to identify, assess and understand security risks...