A critical security vulnerability has been identified in the Microsoft Outlook desktop client. This vulnerability allows attackers to access your n...

The new attack method has been growing in use among well-known ransomware groups and was responsible for 10% of malware incidents observed by CFC l...

Log4Shell (CVE-2021-44228) is a critical vulnerability that is being actively exploited and scanned for by malicious actors since its discovery lat...

Our Response team recommends that you disable server message block (SMB) if it is not necessary on your network.

The below information is a guide compiled by CFC Response globally to assist organizations in detecting, eradicating and remediating the ProxyShell...

Learn why Zerologon carries the highest possible vulnerability severity score and what you can do to make sure your IT systems stay safe.

Get the technical summary of the Kaseya July 2021 REvil/Sodinokibi mass ransomware event

The CFC Incident Response Team has recently seen several ransomware attacks on legal services firms which appear to have been caused by GootLoader...

An advisory released by the NSA, CISA and FBI on 15 April warns of vulnerabilities being exploited by the Russian Foreign Intelligence Service, als...

Microsoft has released emergency out-of-band security updates for most Microsoft Exchange versions that fix four newly detected vulnerabilities act...

With more and more cyber incidents stemming from vulnerable RDP ports, our Incident Response Team has provided some more information about this tec...

Our incident response team has noticed the emergence of PYSA, a ransomware variant that is disproportionately affecting schools, colleges and unive...

Our Incident Response Team wishes to advise all insureds of a critical vulnerability in the Windows DNS server that allows cybercriminals to gain w...

Two-factor authentication (2FA), also known as multi-factor authentication (MFA), is an extra layer of security used to verify the identity of the...

[Updated] Public concern and working-from-home mandates are providing opportunities for cybercriminals.

New ransomware variant is known to exfiltrate data prior to encryption, allowing hackers to publish data if the ransom isn't paid.

Recently discovered vulnerability undermines how Windows verifies trustworthy sources

Update your Windows operating systems immediately to guard against BlueKeep exploit.