The United Kingdom’s Centre for the Protection of National Infrastructure (CPNI) has recently released a paper titled “Spear Phishing – Understanding the Threat;” this document provides guidance on how spear phishing attacks work, whether you are likely to be a target, and the steps organizations can take to manage the risks. CPNI is the UK’s government authority for providing physical, personnel and information security advice to critical national infrastructure.
US-CERT encourages users and administrators to review the CPNI document as well as US-CERT ST04-014, “Avoiding Social Engineering and Phishing Attacks.”
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-41940 WebPros…
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2024-1708 ConnectWise ScreenConnect Path…