Security News
UK's National Health Service has published a cyber alert warning of an unknown threat group targeting VMware Horizon deployments with Log4Shell exploits. According to the NHS notice, the actor is leveraging the exploit to achieve remote code execution on vulnerable VMware Horizon deployments on public infrastructure.
British police have made a series of arrests over the past few months after people with apparent access to NHS databases allegedly sold fake vaccination status entries on the NHS vaccine passport app. Detective Superintendent Helen Rance said: "The staff at both trusts did the right thing and reported their concerns, which has allowed us to fully investigate the circumstances. I want to reassure the public that no systems were hacked into from outside of the NHS networks and the integrity of the NHS systems remains robust."
NHS Digital has scored a classic Mail All own-goal by dispatching not one, not two, not three, but four emails concerning an infosec breakfast briefing, each time copying the entirety of the invite list in on the messages. The first email sent yesterday morning thanked participants for "Registering for NHS Digital's Full Digital Breakfast: Let's talk cyber, scheduled for Thursday 21 October 2021, 8:00-9:00am."
IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him. What happened next united infosec professionals across the world as well as triggering a crowdfundraiser and a behind-the-scenes legal war: we're told Apperta sent Dyke legal demands, and followed those up by alleging to the cops that he broke Britain's computer security laws.
Folks in England can from next week use the NHS App to confer their vaccination status, in the face of warnings that the technology could lead to identifiable medical information being exposed. The British government has announced that from 17 May, people will be able to demonstrate their COVID-19 vaccination status - a so-called vaccine passport or certificate - using the NHS App, which began its public rollout in January 2019, well before the pandemic.
Folks in England can from next week use the NHS App to confer their vaccination status, in the face of warnings that the technology could lead to identifiable medical information being exposed. The British government has announced that from 17 May, people will be able to demonstrate their COVID-19 vaccination status - a so-called vaccine passport or certificate - using the NHS App, which began its public rollout in January 2019, well before the pandemic.
A very active phishing campaign is underway pretending to be from the UK's National Health Service, alerting recipients that they are eligible to receive the COVID-19 vaccine. The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their COVID-19 vaccination.
A very active phishing campaign is underway pretending to be from the UK's National Health Service, alerting recipients that they are eligible to receive the COVID-19 vaccine. The phishing email, shown below, asks the recipient if they want to accept or decline the invitation to schedule their COVID-19 vaccination.
There's nothing quite like eating your own dog food, as Test and Trace chief Baroness Dido Harding has learned after being instructed to self-isolate by the NHS COVID-19 contact-tracing app overnight. In a tweet this morning, Harding said she was feeling well, and that there's "Nothing like personal experience of your own products." A screenshot posted to Twitter shows Harding with nine days remaining in her isolation period.
Issuing the org's annual report today, NCSC chief exec Lindy Cameron, who formally replaced founding chief Ciaran Martin in the summer, said: "This review outlines the breadth of remarkable work delivered by the NCSC in the past year, largely against a backdrop of the shared global crisis of coronavirus." "We've added a significant amount of support to healthcare," added NCSC ops director Paul Chichester, referring to a number of incidents, some higher profile than others, during the year.