Advice from the National Cyber Security Centre and the UK Government – actions to take when the cybersecurity risk is high (Russia Ukraine Conflict) – UPDATED 2 May 2023

cyber security logo

This post was originally made on 2 March 2022. It will be updated as the Russian Ukraine Conflict develops and will highlight the cyber security issues facing organisations and individuals at this time. The National Cyber Security Centre (NCSC) is advising all UK organisations to review and improve their cyber …

And it’s back – Microsoft reinstates, default blocking in Office apps of macros from the internet.

Office macros slide

This story has gone back and forth. How can Microsoft wobble on what has been a well used attack vector, by threat actors for years and years? Microsoft to block downloaded Office macros – at last – Smart Thinking Solutions Oh No! Microsoft appears to have rolled back it’s macro …

Yesterday was Microsoft Patch Tuesday – get it done and check everyone else is getting it done as well…

software patches are essential cybersecurity

It is that time again – among the fixes and patches from Microsoft, for July 2022 is one addressing CVE-2022-22047, Windows Elevation of Privilege Vulnerability – according to Microsoft a zero-day flaw that is being exploited by threat actors. For more details see Bleeping Computer’s excellent round-up of Patch Tuesday: …

The Follina threat has not gone away just because Microsoft has issued a patch – Octagon has the solution

Follina email phishing

The threat actors are still attempting to exploit the Follina flaw in Microsoft Word – looking for those of you out there who have not bothered to run the updates: XFiles info-stealing malware adds support for Follina delivery (bleepingcomputer.com) Have you checked all the machines in your organisation have run …