National Cyber Security Centre Finland | Traficom
Skip to main content
National Cyber Security Center
Report incidents
Report incidents
Report incidents

National Cyber Security Centre Finland

News

  • Cyber Weather 2026

    , updated at 12:45

    The volume and severity of cyber threats remained at a typical level in March. As a result, the cyber weather continues to be rainy. The March cyber weather report provides a more extensive overview of cybersecurity phenomena and threats than usual.

  • Cyber Weather April 2026

    Microsoft 365 account breaches and vulnerabilities discovered in network edge devices were highlighted in the month’s cyber weather. Fewer incidents were reported to the NCSC-FI in terms of volume, but their severity remained at a typical level.

  • New national act on cyber resilience enters into force on 1 June – vulnerabilities must be reported to Traficom from autumn onwards

    For the first time, the Cyber Resilience Act introduces product-level cybersecurity requirements for software and hardware placed on the EU market. A national act supplementing the EU regulation enters into force on 1 June 2026 and sets out the procedures to be followed in Finland. It also supplements provisions concerning domain names.

View all news

Vulnerabilities

  • Microsoft 365 accounts compromised – beware of phishing

    , updated at 13:50

    In August, the NCSC-FI received 70 reports related to Microsoft 365 account breaches. After the summer holiday season ended, the number of cases has risen significantly, and at present, organisational email accounts are being compromised at an accelerating pace. Numerous organisations have been exposed to breaches and subsequent phishing emails, and within a single organisation there may be several – even dozens – of compromised accounts. Criminals use stolen credentials to log in to Microsoft 365 services, and the hijacked accounts are then exploited to send new phishing messages and to carry out invoicing fraud.

  • Data breaches to Palo Alto GlobalProtect products – requires immediate action

    , updated at 14:29

    A vulnerability (CVE-2024-3400) in a Palo Alto GlobalProtect product that is widely used in organisations is being actively exploited. The vulnerability has significant effects and requires updating and investigating the devices. Devices susceptible to the vulnerability should be suspected of being breached.

  • A wave of data breaches is spreading between organisations – cut off the phishing

    , updated at 11:28

    Email accounts of Finnish organisations are being hijacked through a widely-spread phishing campaign. Criminals have been phishing the usernames and passwords of employees via email and scam pages, using the credentials to log in to Microsoft 365 email systems. The hijacked accounts are used to send new phishing messages both within the organisation and to other organisations.

View all vulnerabilities

Everyday information security

Not everything online is what it seems. Learn to recognize common scams and protect your personal information.

Information and guidance