National Cyber Security Centre Finland | Traficom
Skip to main content
National Cyber Security Center
Report incidents
Report incidents
Report incidents

National Cyber Security Centre Finland

News

  • Cyber weather for January 2026

    , updated at 14:41

    January was largely rainy, with cyber phenomena continuing at a typical level. The growing use of AI assistants in organisations — and the related information security and cybersecurity challenges — generated discussion during the month. The first Cyber weather publication of the year also introduced a new look.

  • Weekly review of the National Cyber Security Centre Finland (NCSC-FI) - 3/2026

    , updated at 10:13

    This week, we cover information security considerations related to the use of AI assistants, phishing messages themed around hotel and travel bookings, and recorded scam calls made in the name of banks. We also report on unsolicited verification codes sent by text message. In addition, we provide information about a funding call opening for SMEs and the publication of the December Cyber Weather report.

  • Weekly review of the National Cyber Security Centre Finland (NCSC-FI) – 2/2026

    , updated at 12:33

    This week, we look back at the cyber phenomena of 2025 in a video in which our experts discuss the most significant and interesting cyber developments of the year and provide tips for citizens and organisations on how to approach a cybersecure year in 2026.

View all news

Vulnerabilities

  • Microsoft 365 accounts compromised – beware of phishing

    , updated at 13:50

    In August, the NCSC-FI received 70 reports related to Microsoft 365 account breaches. After the summer holiday season ended, the number of cases has risen significantly, and at present, organisational email accounts are being compromised at an accelerating pace. Numerous organisations have been exposed to breaches and subsequent phishing emails, and within a single organisation there may be several – even dozens – of compromised accounts. Criminals use stolen credentials to log in to Microsoft 365 services, and the hijacked accounts are then exploited to send new phishing messages and to carry out invoicing fraud.

  • Data breaches to Palo Alto GlobalProtect products – requires immediate action

    , updated at 14:29

    A vulnerability (CVE-2024-3400) in a Palo Alto GlobalProtect product that is widely used in organisations is being actively exploited. The vulnerability has significant effects and requires updating and investigating the devices. Devices susceptible to the vulnerability should be suspected of being breached.

  • A wave of data breaches is spreading between organisations – cut off the phishing

    , updated at 11:28

    Email accounts of Finnish organisations are being hijacked through a widely-spread phishing campaign. Criminals have been phishing the usernames and passwords of employees via email and scam pages, using the credentials to log in to Microsoft 365 email systems. The hijacked accounts are used to send new phishing messages both within the organisation and to other organisations.

View all vulnerabilities

Everyday information security

Not everything online is what it seems. Learn to recognize common scams and protect your personal information.

Information and guidance