Security News
Nearly half of British university staff say they have received no cybersecurity training, according to a recent survey. 46 per cent of staff received no training at all, while one Russell Group uni said that just 12 per cent of its staff had received "Any" training in infosec matters.
Uncommonly well-informed people knew all about it by reading The Register's report of the Blackbaud ransom payment last week, but mere Muggles only heard of it when universities began informing students, staff and alumni that their personal data had been nicked. The University of York told its students and alumni on Wednesday that names, dates of birth, student numbers, addresses, phone and email addresses, fundraising details, details of occupation and employer details were among the data stolen, according to student news site York Mix.
British infosec businesses are celebrating the 30th birthday of the Computer Misuse Act 1990 by writing to Prime Minister Boris Johnson urging reform of the elderly cybercrime law. The Computer Misuse Act received Royal Assent on 29 June 1990, before "The concept of cyber security and threat intelligence research," the CyberUp campaign group said in its letter [PDF].
South Wales Police and the UK Home Office "Fundamentally disagree" that automated facial recognition software is as intrusive as collecting fingerprints or DNA, a barrister for the force told the Court of Appeal yesterday. Jason Beer QC, representing the South Wales Police also blamed the Information Commissioner's Office for "Dragging" the court into the topic of whether the police force's use of the creepy cameras complied with the Data Protection Act.
Britain's Ministry of Defence contractor Interserve has been hacked, reportedly leaking the details of up to 100,000 of past and current employees, including payment information and details of their next of kin. The Daily Telegraph reports that up to 100,000 employee details were stolen, dating back across a number of years.
One of Britain's most powerful academic supercomputers has fallen victim to a "Security exploitation" of its login nodes, forcing the rewriting of all user passwords and SSH keys. Sysadmins warned ARCHER users that their SSH keys may have been compromised as a result of the apparent attack, advising them to "Change passwords and SSH keys on any other systems which you share your ARCHER credentials with".
One of Britain's most powerful academic supercomputers has fallen victim to a "Security exploitation" of its login nodes, forcing the rewriting of all user passwords and SSH keys. Sysadmins warned ARCHER users that their SSH keys may have been compromised as a result of the apparent attack, advising them to "Change passwords and SSH keys on any other systems which you share your ARCHER credentials with".
In a blunder described as "Astonishing and worrying," Sheffield City Council's automatic number-plate recognition system exposed to the internet 8.6 million records of road journeys made by thousands of people, The Register can reveal. The ANPR camera system's internal management dashboard could be accessed by simply entering its IP address into a web browser.
A UK housing association blurted 3,500 people's sensitive personal data as part of a bungled "Please update your contact details" email exercise, The Register has been told. Watford Community Housing sent the email on the night of 23 March to people it thought were its tenants.
British police are saying coronavirus-related fraud reports have spiked by 400 per cent over the past six weeks as the COVID-19 illness continues its inexorable march through humanity. Although absolute numbers of reports are low, perhaps kept that way because the public now knows Action Fraud is largely useless, the National Fraud Intelligence Bureau said there were a total of 200 reports of coronavirus scams made to them since 1 February.