Malware analysis report on SparrowDoor malware

Summary: The NCSC provides a technical analysis of a SparrowDoor malware variant discovered on a UK network in 2021. This variant extends the previously reported sample (ESET, Sept 2021) with additional capabilities. SparrowDoor acts as a persistent loader and backdoor, using XOR encoding for its command-and-control channel beneath HTTPS. […]

‘WannaCry’ ransomware: guidance updates

Summary: The NCSC published and then updated guidance on the WannaCry ransomware outbreak aimed at enterprise administrators and home users/small businesses. The guidance provides immediate mitigation steps, balancing simplicity with accuracy to avoid spreading misinformation. Updates were driven by public feedback and collaboration with other teams to ensure advice is applicable […]

To SOC or not to SOC?

Summary: This NCSC blog explores whether teams launching digital services truly need a traditional Security Operations Centre (SOC) or whether cloud-native design and operational changes can reduce or replace that need. It explains how SOCs work, why they were historically mandated (GPG13), and how the move to cloud […]

Using MSPs to administer your cloud services

Summary: The NCSC explains the security trade-offs when organisations outsource cloud administration to Managed Service Providers (MSPs). While MSPs bring expertise, scale and operational efficiencies, delegating administrative access increases your attack surface because MSP systems and credentials can be attractive targets for attackers. The guidance recommends treating MSPs […]

Why vulnerabilities are like buses

Summary: The NCSC outlines a growing pattern where a high-profile, mass-exploited vulnerability in a product is frequently followed by additional critical flaws in the same product being found and exploited. Organisations often rush to apply emergency patches for the initial issue, only to face further exploitation when subsequent vulnerabilities are […]

Logging Made Easy with CISA

Summary: The US Cybersecurity and Infrastructure Security Agency (CISA) has relaunched an updated version of Logging Made Easy (LME). The National Cyber Security Centre (NCSC) had previously retired support for LME but announced CISA would relaunch a refreshed edition for existing and new users. The new release is intended as […]

Zero Trust migration: where do I start?

Summary: This NCSC blog explains practical first steps for migrating to a zero trust architecture. It assumes you have already decided zero trust fits your business goals and covers how to begin: discovery (inventory of users, devices, services and data), identity consolidation and multi-factor authentication, device management and […]

Landing at the NCSC (glad I brought my towel)

Summary: Ollie Whitehouse joined the National Cyber Security Centre (NCSC) as CTO in October 2023 and sets out immediate priorities for improving the UK’s cyber resilience. He emphasises turning cyber into a more evidence-driven science, making adversaries pay for their actions, tackling pervasive technical security debt, […]