Our Next Meeting Cancelled

March 2020





Coffee and Registration
Chairman’s Introduction
City of London Police Crime Update & Counter Terrorism Update
Finish and Close

Please contact:

contact@cityof londoncpa.org.uk
for details if you would like to attend.

NCSC/CiSP cyber alert – 20 May 2019

On Friday 17th May the NCSC released an Alert on its website relating to a SharePoint vulnerability. NCSC have also previously pushed this out via CiSP. The Alert can be accessed here:
Microsoft published details of this vulnerability (CVE-2019-0604), which allows an attacker to run arbitrary code by uploading a specifically crafted SharePoint application package. Successful exploitation of the vulnerability could allow an attacker to gain access to sensitive data, enable lateral movement within a network and potentially use the access to target an organisation’s customers and suppliers.
NCSC say they are seeing a concerning level of large organisations falling victim to this vulnerability from a wide range of sectors. NCSC have seen this vulnerability enable deep lateral movements within large networks.
NCSC have asked that we push this alert out to organisations to ensure that awareness is as wide as possible. The mitigation is simple – patch.