NCSC Feed
The 'vibe coding spectrum' approach to AI-assisted software development
6 days 12 hours ago
Different code deserves different levels of oversight, so calibrate your approach to ‘vibe coding’ accordingly.
Alert: NCSC issues advice following global targeting of Fortinet firewalls and VPN gateways
6 days 12 hours ago
Organisations using Fortinet services are being urged to take action following a campaign affecting firewalls and VPN gateways.
NCSC CEO: Hostile states linked to three-quarters of cyber attacks affecting UK's critical systems
1 week ago
Dr Richard Horne highlighted the scale of cyber threats against the UK’s critical infrastructure at RUSI’s Annual Security Lecture.
Software supply chain attacks: check your dependencies
2 weeks 6 days ago
Attackers are compromising open-source packages to spread malware. Cyber defenders are asked to review dependencies to reduce risks
Designing secure access with ZTNA
4 weeks ago
New guidance explains how to design Zero Trust Network Access architectures aligned with zero trust principles and not built on old trust assumptions.
Thinking carefully before adopting agentic AI
1 month 1 week ago
When it comes to using agentic AI, make sure you can walk before you run.
10 questions to ask when using AI models to find vulnerabilities
1 month 1 week ago
Using Artificial Intelligence to find vulnerabilities can bring added security considerations.
Preparing for a ‘vulnerability patch wave’
1 month 3 weeks ago
Organisations must act now to prepare for a wave of patches that will address decades of technical debt.
Could your choice of metrics be harming your SOC?
1 month 3 weeks ago
Poor metrics can render a well-intentioned security operation centre entirely ineffective.
International cyber agencies share fresh advice to defend against China-linked covert networks
2 months ago
New advisory highlights how to defend against attacker tactics believed to be used by China-linked actors to hide malicious cyber activity.
Defending against China-nexus covert networks of compromised devices
2 months ago
Explaining the widespread shift in tactics, techniques and procedures (TTPs) towards networks of compromised infrastructure, and how to defend against it
Supporting AI adoption for UK cyber defence
2 months ago
Adopting AI will require time, the development of new capabilities and careful oversight.
Executive Summary: Defending against China-nexus covert networks of compromised devices
2 months ago
Organisations should map and baseline their edge device traffic, especially VPN and remote access connections, and adopt dynamic threat feed filtering that includes known covert network indicators.
Passkeys are more secure than traditional ways to log in
2 months ago
Passkeys offer a more usable, secure replacement for passwords and are already supported by most modern devices.
NCSC: Leave passwords in the past - passkeys are the future
2 months ago
Passkeys are the more secure and user-friendly login method and should be the default authentication option for consumers.
World-first NCSC-engineered device secures vulnerable display links
2 months ago
SilentGlass, a plug-and-play device, actively blocks any unexpected or malicious HDMI and Display Port connections.
Cyber chief: UK faces "perfect storm" for cyber security
2 months ago
As the technology landscape develops, the definition of cyber security is expanding with it.
New cross domain guidance for government, industry and the wider security community
2 months ago
Ensuring cross domain technologies are better understood - and more easily deployed - across sectors.
Preparing for severe cyber threat: why leaders must act now
2 months ago
A call to action to collectively build UK resilience.
Checked
7 hours 54 minutes ago
This includes feeds from report, guidance and blog-post
NCSC Feed feed