South West Police RCCU Regional Cyber Crime Unit
Regional Cyber Briefing

Current Threats

Exploitation of Cisco IOS XE vulnerabilities affecting UK organisations
Organisations are encouraged to take action to mitigate vulnerabilities affecting Cisco IOS XE devices and follow the latest vendor advice.  

These vulnerabilities are being actively exploited by criminals, and could be used to gain control of affected systems. 
> Advice
Cisco has published an updated advisory detailing the vulnerabilities, and how to mitigate them. The National Cyber Security Centre (NCSC) have also released an advisory outlining priority actions, and are working with UK organisations known to be impacted.
> Reporting
If you think you have been a victim of cyber crime, please report the incident to Action Fraud via phone (0300 123 2040) or website at

If you've received a suspicious email, please forward it to the NCSC's Suspicious Email Reporting Service (SERS) at ''. More information, including advice on how to protect yourself against phishing, can be found on the NCSC website.

Protective Domain Name Service (PDNS) for Schools
To protect against DNS misuse and cyber threats like malware, the NCSC has developed the Protective Domain Name Service (PDNS), which can help prevent DNS-enabled cyber attacks. PDNS is already a tried and tested solution, as it has been freely available to organisations like central government, local authorities and devolved administrations for several years.

The NCSC is gradually broadening eligibility of PDNS to the school sector under the banner of ‘PDNS for Schools’. The service will be completely free, and the phased rollout will start now and will progress into next year. You can read more about the service on the NCSC website.


BSides Bristol, Sat 4th Nov, 12:00 - 12:45
We're thrilled to be presenting at this year's BSides Bristol, a conference for people interested in the Information Security industry, which will be held at the University of West England Frenchay campus.

We'll be presenting some of our cyber crime case studies, along with key insights and lessons learned.

You can find more information about the event on the BSides Bristol page. You can find schedule information on their page here.
Cyber Advisor: The road to cyber certification, Thu 9th Nov, 08:15 - 08:45
This free online session by the South West Cyber Resilience Centre features Mark Faithfull of Cool Waters Cyber. He'll be talking with Ross Brown about how the scheme helps SMEs build their cyber resilience by providing them with reliable and cost-effective cyber security advice and practical support.

You can register on the official Eventbrite page.
Bristol Business Expo, 30th Nov
Another expo is on the horizon, and we're very much looking forward to exhibiting at the Bristol Business Expo! Come along to stand 65 and talk to our Protect team about how we can help your organisation stay protected against cyber crime, and pick up some of our free resources! 

Grab your tickets at the Bristol Business Expo website.
SWRCCU Virtual Technical Meetup, 6th Dec, 10:00 - 12:30
Following on from the success of our in-person meetup in May 2023, our second meetup will be a half day virtual session.

This session is open to technical leads from organisations of all sizes and sectors across the South West. It brings together speakers from private industry and law enforcement to discuss cyber security topics, and attendees will learn more about current threats and how they can protect their organisation from them.

We are delighted to welcome Armour Communications, who will be talking about threats with mobile devices and how to manage them. We will then hear from the UK Cyber Security Council, who will explain some of the work they have carried out, what's next, and why this is important going forward.

The session will also include an update from our Protect & Prepare team and time for networking. 

Register now at our Eventbrite page!


Ragnar Locker ransomware gang taken down by international police swoop
Law enforcement and judicial authorities from eleven countries have delivered a major blow to one of the most dangerous ransomware operations of recent years. This action targeted the Ragnar Locker ransomware group, which was responsible for numerous high-profile attacks against critical infrastructure across the world. Read more at Europol.
Okta says its support system was breached using stolen credentials
The company has yet to provide details on what customer information was exposed or accessed in the breach. However, the support case management system breached in this attack was also used to store HTTP Archive (HAR) files, which are used to replicate user or administrator errors when troubleshooting issues reported by users. HAR files also contain sensitive data, such as cookies and session tokens, which threat actors could use to hijack customer accounts. Read more at Bleeping Computer.
Copyright © 2023 SW Regional Cyber Crime Unit, All rights reserved.
