#ncsc — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #ncsc, aggregated by home.social.
-
3/14 · Post-Quantum Audit for Critical National Infrastructure
An operator-side playbook for the NCSC 2031 and 2035 migration deadlines. 22 pages.
https://mickai.co.uk/ebooks/post-quantum-audit-for-critical-national-infrastructure
-
The government is urging businesses to sign up to a “Cyber Resilience Pledge”, to improve their defences as cyber threats escalate, particularly with AI.
-
The government is urging businesses to sign up to a “Cyber Resilience Pledge”, to improve their defences as cyber threats escalate, particularly with AI.
-
The government is urging businesses to sign up to a “Cyber Resilience Pledge”, to improve their defences as cyber threats escalate, particularly with AI.
-
The government is urging businesses to sign up to a “Cyber Resilience Pledge”, to improve their defences as cyber threats escalate, particularly with AI.
-
The government is urging businesses to sign up to a “Cyber Resilience Pledge”, to improve their defences as cyber threats escalate, particularly with AI.
-
NCSC Post-Quantum Cryptography pilot opens. Late spring 2026 to 31 March 2027 delivery window. UK PQC migration timeline: 2028 discovery, 2031 high-priority migration, 2035 full migration.
The Mickai SIOS audit ledger is FIPS 204 ML-DSA-65 from inception. Not retrofitted. ML-DSA-87 migration is a parameter change, not a redesign.
-
NCSC named the AI patch wave on 1 May 2026. The operators that hold ground through the forced correction will be the ones with a cryptographic position on what they patched, in what order, under whose key.
The Mickai audit substrate is that position at the primitive layer: FIPS 204 ML-DSA-65, SHA-3-512 hash chain, browser-resident offline verifier.
https://mickai.co.uk/articles/ncsc-named-the-ai-patch-wave-the-audit-substrate-is-what-survives-it
-
Zahltag beim #Patch Management: Was jahrelang aufgeschoben wurde, rächt sich früher oder später.
Die Tage hat das britische #NCSC vor einer bevorstehenden Flut von #Cybersecurity #Updates gewarnt. Der Auslöser: #KI ermöglicht es Angreifern zunehmend, jahrzehntelang angehäufte technische Schulden in #Software-Systemen systematisch und in einem bislang ungekannten Tempo auszunutzen.
Die Folge: ein massives Aufkommen kritischer Patches quer durch alle Softwarekategorien:
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
-
Zahltag beim #Patch Management: Was jahrelang aufgeschoben wurde, rächt sich früher oder später.
Die Tage hat das britische #NCSC vor einer bevorstehenden Flut von #Cybersecurity #Updates gewarnt. Der Auslöser: #KI ermöglicht es Angreifern zunehmend, jahrzehntelang angehäufte technische Schulden in #Software-Systemen systematisch und in einem bislang ungekannten Tempo auszunutzen.
Die Folge: ein massives Aufkommen kritischer Patches quer durch alle Softwarekategorien:
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
-
Zahltag beim #Patch Management: Was jahrelang aufgeschoben wurde, rächt sich früher oder später.
Die Tage hat das britische #NCSC vor einer bevorstehenden Flut von #Cybersecurity #Updates gewarnt. Der Auslöser: #KI ermöglicht es Angreifern zunehmend, jahrzehntelang angehäufte technische Schulden in #Software-Systemen systematisch und in einem bislang ungekannten Tempo auszunutzen.
Die Folge: ein massives Aufkommen kritischer Patches quer durch alle Softwarekategorien:
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
-
Zahltag beim #Patch Management: Was jahrelang aufgeschoben wurde, rächt sich früher oder später.
Die Tage hat das britische #NCSC vor einer bevorstehenden Flut von #Cybersecurity #Updates gewarnt. Der Auslöser: #KI ermöglicht es Angreifern zunehmend, jahrzehntelang angehäufte technische Schulden in #Software-Systemen systematisch und in einem bislang ungekannten Tempo auszunutzen.
Die Folge: ein massives Aufkommen kritischer Patches quer durch alle Softwarekategorien:
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
-
Zahltag beim #Patch Management: Was jahrelang aufgeschoben wurde, rächt sich früher oder später.
Die Tage hat das britische #NCSC vor einer bevorstehenden Flut von #Cybersecurity #Updates gewarnt. Der Auslöser: #KI ermöglicht es Angreifern zunehmend, jahrzehntelang angehäufte technische Schulden in #Software-Systemen systematisch und in einem bislang ungekannten Tempo auszunutzen.
Die Folge: ein massives Aufkommen kritischer Patches quer durch alle Softwarekategorien:
https://www.ncsc.gov.uk/blogs/prepare-for-vulnerability-patch-wave
-
**Post 2:**
The guidance also admits prompt injection may never be solved -- and that the industry has no mature methods to evaluate whether agentic systems are behaving as intended.
The phrase that matters: the agent might be lying to the governor.
Not a critic. Six governments, in writing.
haunted.lighthouse.co.im/articles/strong-governance-is-not-optional/?utm_source=mastodon
#CyberSecurity #AgenticAI #NCSC #CISA #Governance #IsleOfMan
-
**Post 2:**
The guidance also admits prompt injection may never be solved -- and that the industry has no mature methods to evaluate whether agentic systems are behaving as intended.
The phrase that matters: the agent might be lying to the governor.
Not a critic. Six governments, in writing.
haunted.lighthouse.co.im/articles/strong-governance-is-not-optional/?utm_source=mastodon
#CyberSecurity #AgenticAI #NCSC #CISA #Governance #IsleOfMan
-
**Post 2:**
The guidance also admits prompt injection may never be solved -- and that the industry has no mature methods to evaluate whether agentic systems are behaving as intended.
The phrase that matters: the agent might be lying to the governor.
Not a critic. Six governments, in writing.
haunted.lighthouse.co.im/articles/strong-governance-is-not-optional/?utm_source=mastodon
#CyberSecurity #AgenticAI #NCSC #CISA #Governance #IsleOfMan
-
**Post 2:**
The guidance also admits prompt injection may never be solved -- and that the industry has no mature methods to evaluate whether agentic systems are behaving as intended.
The phrase that matters: the agent might be lying to the governor.
Not a critic. Six governments, in writing.
haunted.lighthouse.co.im/articles/strong-governance-is-not-optional/?utm_source=mastodon
#CyberSecurity #AgenticAI #NCSC #CISA #Governance #IsleOfMan
-
UK Urges Adoption of Passkeys Over Passwords
Say goodbye to password headaches! The UK is leading the charge towards a more secure and user-friendly login experience with passkeys, which offer stronger resilience and eliminate many common cyber threats.
#Fido2 #Passkeys #PasswordManagement #NationalCyberSecurityCentre #Ncsc
-
NCSC Warns of Flawed SOC Metrics
The National Cyber Security Centre is warning that common security operations center metrics are fundamentally flawed, and that the only metric that truly matters is whether attacks are detected and responded to in a timely manner. By focusing on easily quantifiable but misleading metrics, organizations may inadvertently be encouraging their teams to prioritize…
https://osintsights.com/ncsc-warns-of-flawed-soc-metrics?utm_source=mastodon&utm_medium=social
#SocMetrics #SecurityOperations #Secops #NationalCyberSecurityCentre #Ncsc
-
UK Cyber Agency Unveils Device to Secure Computer Monitors
Meet SilentGlass, a game-changing plug-and-play device that easily secures computer monitors from cyber threats, protecting vulnerable IT infrastructure like never before. Developed by the UK's National Cyber Security Centre, this innovative gadget is set to revolutionize desktop security.
-
The UK National Cyber Security Centre (NCSC) has advised that passkeys should now be consumer’s first choice for authentication, and that the use of passwords should be gradually phased out.
#passkeys #ncsc #uk #technews #passwords #cybersecurity #infosec #fido
-
UK Cyber Agency Unveils Anti-Malware Gadget for Display Devices
Meet SilentGlass, a game-changing anti-malware device from the UK's National Cyber Security Centre that shields your display screens and monitors from cyber threats with unprecedented ease. This innovative gadget is now available for commercial use, protecting vulnerable IT infrastructure like never before.
-
MI5 is briefing CNI operators. The Technology Secretary says firms have months to prepare. On the Isle of Man, the biggest unaudited risk isn't your firewall -- it's your IT provider. The Island has been here before. https://open.substack.com/pub/sovereignauditor/p/the-island-has-been-here-before
#CyberSecurity #IsleOfMan #Mythos #CyberEssentials #DataProtection #NCSC #SovereignAuditor -
https://www.europesays.com/ee/148861/ USA tegi kahjutuks ruuteritesse häkkinud GRU võrgustiku | Välismaa #apt28 #BfV #BreakingNews #BreakingNews #EE #Eesti #EestiKeel #Estonia #Estonian #FancyBear #FBI #FeaturedNews #FeaturedNews #ForestBlizzard #gchq #GRU #Headlines #LatestNews #LatestNews #mikrotik #ncsc #News #PopulaarseimadLood #ruuterid #TopStories #TopStories #TpLink #ÜldisedUudised #Uudised #VeneHäkkerid #ViimasedUudised
-
This cybersecurity tweet from @SciTechgovuk / DSIT is getting *brigaded* by people pointing out how the UK Government is actively undermining cybersecurity
Examples; remember to check both quotes & replies:
https://twitter.com/SebJVidal/status/2036883790971166975?s=20
https://twitter.com/B_Disappointed/status/2036886030742093866
https://twitter.com/egosumdickie/status/2036920678486585503?s=20
https://twitter.com/EddyGraphic1/status/2036954742971084977?s=20
https://twitter.com/36F5VE/status/2036903727680921792?s=20
https://twitter.com/TheBlake83/status/2036914254712832017?s=20
https://twitter.com/jkelly206/status/2036916903772361016?s=20
#ageVerification #censorship #dsit #gchq #ncsc #onlineSafety #onlineSafetyAct #surveillance -
This cybersecurity tweet from @SciTechgovuk / DSIT is getting *brigaded* by people pointing out how the UK Government is actively undermining cybersecurity
Examples; remember to check both quotes & replies:
https://twitter.com/SebJVidal/status/2036883790971166975?s=20
https://twitter.com/B_Disappointed/status/2036886030742093866
https://twitter.com/egosumdickie/status/2036920678486585503?s=20
https://twitter.com/EddyGraphic1/status/2036954742971084977?s=20
https://twitter.com/36F5VE/status/2036903727680921792?s=20
https://twitter.com/TheBlake83/status/2036914254712832017?s=20
https://twitter.com/jkelly206/status/2036916903772361016?s=20
#ageVerification #censorship #dsit #gchq #ncsc #onlineSafety #onlineSafetyAct #surveillance -
This cybersecurity tweet from @SciTechgovuk / DSIT is getting *brigaded* by people pointing out how the UK Government is actively undermining cybersecurity
Examples; remember to check both quotes & replies:
https://twitter.com/SebJVidal/status/2036883790971166975?s=20
https://twitter.com/B_Disappointed/status/2036886030742093866
https://twitter.com/egosumdickie/status/2036920678486585503?s=20
https://twitter.com/EddyGraphic1/status/2036954742971084977?s=20
https://twitter.com/36F5VE/status/2036903727680921792?s=20
https://twitter.com/TheBlake83/status/2036914254712832017?s=20
https://twitter.com/jkelly206/status/2036916903772361016?s=20
#ageVerification #censorship #dsit #gchq #ncsc #onlineSafety #onlineSafetyAct #surveillance -
For some days now I've seen a sustained attempt by #cybercriminals to exploit misconfigured / insecure #VOIP phone systems to make multiple #telephone calls to the #French #Embassy in #London (+44 20 7073 1000).
They are not getting anywhere on two systems I run as the #security software knocks back the INVITE attempts along with all the other various #blighters , but this traffic stands out as all the attempts are to this number - it doesn't look like the perps are searching for an open trunk to misuse for spam calls or even reselling minutes on other peoples systems, but a deliberate attempt to overwhelm the switchboard at the Embassy.
Not sure if I should report this somewhere, or its presumably already been noticed by #NCSC and #DGSE ?
-
The Haunted Lighthouse Limited has achieved Cyber Essentials certification (whole organisation scope).
Assessed under the IASME scheme, aligned with the UK National Cyber Security Centre baseline controls. Sensible fundamentals: patch management, MFA, least privilege, secure configuration, and disciplined backup practices.
Not glamorous, just solid security hygiene.
The lighthouse is officially audited.
#CyberEssentials #IASME #NCSC #CyberSecurity #InfoSec #SmallBusiness #PrivacyFirst
-
NCSC Warns Prompt Injection Could Become the Next Major AI Security Crisis https://thecyberexpress.com/prompt-injection-harder-to-stop/ #NationalCyberSecurityCentre #promptinjectionattacks #TheCyberExpressNews #SQLinjectionflaw #PromptInjection #TheCyberExpress #FirewallDaily #GenerativeAI #AIsystems #Features #NCSC
-
UK lawmakers are urging a shift toward software liability, arguing that the current model externalizes the cost of insecurity onto users and national infrastructure. Recommendations include developer liability, stronger cyber-resilience incentives, and mandatory incident reporting.
💬 What impact would a liability regime have on secure development and supply-chain risk?
Source: https://therecord.media/software-companies-liable-britain-security
Follow @technadu for more InfoSec-focused updates.
#InfoSec #CyberSecurity #SoftwareSecurity #TechPolicy #CyberResilience #RiskManagement #SecureDevelopment #NCSC #CyberAwareness
-
UK lawmakers are urging a shift toward software liability, arguing that the current model externalizes the cost of insecurity onto users and national infrastructure. Recommendations include developer liability, stronger cyber-resilience incentives, and mandatory incident reporting.
💬 What impact would a liability regime have on secure development and supply-chain risk?
Source: https://therecord.media/software-companies-liable-britain-security
Follow @technadu for more InfoSec-focused updates.
#InfoSec #CyberSecurity #SoftwareSecurity #TechPolicy #CyberResilience #RiskManagement #SecureDevelopment #NCSC #CyberAwareness
-
UK lawmakers are urging a shift toward software liability, arguing that the current model externalizes the cost of insecurity onto users and national infrastructure. Recommendations include developer liability, stronger cyber-resilience incentives, and mandatory incident reporting.
💬 What impact would a liability regime have on secure development and supply-chain risk?
Source: https://therecord.media/software-companies-liable-britain-security
Follow @technadu for more InfoSec-focused updates.
#InfoSec #CyberSecurity #SoftwareSecurity #TechPolicy #CyberResilience #RiskManagement #SecureDevelopment #NCSC #CyberAwareness
-
Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034) https://www.helpnetsecurity.com/2025/11/19/fortiweb-vulnerability-cve-2025-58034/ #vulnerability #TrendMicro #Don'tmiss #Hotstuff #Fortinet #NCSC-NL #News #CISA
-
⚠️« Cybercriminalité : Le groupe AKIRA intensifie ses activités
Berne, 16.10.2025 — Communiqué de presse commun MPC, fedpol, OFCS - Le groupe de pirates informatiques AKIRA a intensifié ses activités en Suisse ces derniers mois. Environ 200 entreprises ont été victimes d'attaques par rançongiciel. Le préjudice s'élève actuellement à plusieurs millions de francs suisses, et à plusieurs centaines de millions de dollars à l'échelle mondiale. Depuis avril 2024, le Ministère public de la Confédération (MPC) mène une procédure pénale. L’enquête est coordonnée par l'Office fédéral de la police (fedpol), en étroite collaboration avec l'Office fédéral de la cybersécurité (OFCS) et les autorités de plusieurs pays impliqués. Les autorités suisses rappellent l'importance de les contacter avant de prendre toute mesure et de déposer plainte. »
👇 -
F5 data breach: “Nation-state” attackers stole BIG-IP source code, vulnerability info https://www.helpnetsecurity.com/2025/10/15/f5-big-ip-data-breach/ #CrowdStrike #databreach #F5Networks #networking #sourcecode #Don'tmiss #datatheft #Hotstuff #IOActive #Mandiant #NCCGroup #News #NCSC
-
Security test of QGIS Server and QGIS Web Client: Switzerland’s National #Cyber Security Centre (#NCSC) and the National Test Institute for Cybersecurity (#NTC) have completed a pilot test assessing the #security of #QGISServer and the #QGIS Web Client. The test identified six vulnerabilities —...
https://spatialists.ch/posts/2025/10/14-security-test-of-qgis-server-and-qgis-web-client/ #GIS #GISchat #geospatial #SwissGIS -
#Bacs warnt vor falschen #NCSC-Mitarbeitenden - inside-it[.]ch https://www.inside-it.ch/bacs-warnt-vor-falschen-ncsc-mitarbeitenden-20250924
-
Ik ben op zoek naar nieuwe collega's! Ben jij onze manager infrastructuurdiensten of digitale platformdiensten?
Het NCSC staat voor schitterende uitdagingen en dit is jouw kans om een leidende bijdrage te leveren.
https://www.werkenvoornederland.nl/vacatures/manager-it-infrastructuurdiensten-NCSC-2025-0047
https://www.werkenvoornederland.nl/vacatures/manager-digitale-platformdiensten-NCSC-2025-0048
-
"Comme prévu, des attaques DDoS ont été lancées contre plusieurs sites web suisses dans le cadre de l'Eurovision Song Contest (ESC). Jusqu'à présent, les attaques DDoS n'ont pas affecté les activités de l'ESC. Ces attaques visent à attirer l'attention des médias et n'entraînent aucune fuite de données."
"Note à l’attention des représentants des médias
Lors de telles attaques contre la disponibilité de sites web et de services, les auteurs souhaitent généralement attirer l'attention des médias afin de propager leur idéologie. L’OFCS demande aux journalistes donc que les rapports soient aussi sobres que possible afin que les attaquants reçoivent le moins d'attention possible."
👇https://www.ncsc.admin.ch/ncsc/fr/home/aktuell/im-fokus/2025/ddos-2025-05-16.html
-
Ofcom Bans Global Titles Leasing to Thwart Criminal Abuse of UK Mobile Networks https://thecyberexpress.com/ofcom-bans-global-titles-leasing/ #NationalCyberSecurityCentre #twofactorauthentication #mobilenetworkoperators #TheCyberExpressNews #OllieWhitehouse #TheCyberExpress #PolicyUpdates #FirewallDaily #userlocations #GlobalTitles #Regulations #Compliance #NCSC
-
Fast Flux is the New Cyber Weapon—And It’s Hard to Stop, Warns CISA https://thecyberexpress.com/cisa-nsa-fbi-issue-fast-flux-advisory/ #TheCyberExpressNews #TheCyberExpress #FirewallDaily #DoubleFlux #SingleFlux #CyberNews #cloaking #FastFlux #CISA #NCSC #FBI
-
The NCSC’s advisory deadline of 2035 for organisations to introduce quantum-safe algorithms is too late, according to some industry insiders.
The NCSC’s advisory deadline of 2035 for organisations to introduce quantum-safe algorithms is too late, according to some industry insiders.
#ncsc #quantum #pqc #uk #qkd #technews #infosec #cybersecurity
-
UK cybersecurity agency National Cyber Security Centre is recommending that organisations start replacing existing asymmetric public key cryptosystems with post-quantum cryptography (PQC) alternatives to defend themselves against quantum computers
#technews #quantum #quantumcomputing #cryptography #pqc #ncsc #uk #nvidia #qkd #infosec #cybersecurity
-
What 2024 taught us about security vulnerabilties https://www.helpnetsecurity.com/2025/01/14/cybersecurity-vulnerabilities-2024/ #SkyboxSecurity #cybersecurity #vulnerability #BlackDuck #Checkmarx #BitSight #Fortinet #Veracode #Tenable #report #survey #News #CISA #NCSC #FBI #NSA
-
What 2024 taught us about security vulnerabilties https://www.helpnetsecurity.com/2025/01/14/cybersecurity-vulnerabilities-2024/ #SkyboxSecurity #cybersecurity #vulnerability #BlackDuck #Checkmarx #BitSight #Fortinet #Veracode #Tenable #report #survey #News #CISA #NCSC #FBI #NSA
-
20 Jahre #Melani: Wie alles anfing - inside-it.ch https://www.inside-it.ch/20-jahre-melani-wie-alles-anfing-20241209 #NCSC #BACS #CyberCrime #Ransomware #Malware
-
How to choose secure, verifiable technologies? https://www.helpnetsecurity.com/2024/12/06/how-to-choose-secure-technologies/ #riskassessment #procurement #enterprise #guidelines #Don'tmiss #hardware #software #News #ACSC #CISA #NCSC #SaaS #IoT #MSP
-
APT40 Advisory PRC MSS tradecraft in action https://ciso2ciso.com/apt40-advisory-prc-mss-tradecraft-in-action/ #0CTCybersecurityArchitectureNetworkSecurity #CISO2CISONotepadSeries2 #NCSCGOVUK #CCCS #CISA #NCSC #NISC #ASD #BfV #BND #FBI #NIS #NPA #NSA #PRC