Security News

US, UK warn of govt hackers using custom malware on Cisco routers
2023-04-18 21:42

The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. A joint report released today by the UK National Cyber Security Centre, US Cybersecurity and Infrastructure Security Agency, the NSA, and the FBI details how the APT28 hackers have been exploiting an old SNMP flaw on Cisco IOS routers to deploy a custom malware named 'Jaguar Tooth.

Russian snoops just love invading unpatched Cisco gear, America and UK warn
2023-04-18 20:45

The UK and US governments have sounded the alarm on Russian intelligence targeting unpatched Cisco routers to deploy malware and carry out surveillance. In a joint advisory issued Tuesday, the UK National Cyber Security Centre, the NSA, America's Cybersecurity and Infrastructure Security Agency and the FBI provided details about how Russia's APT28 - aka FancyBear and Stronium - exploited an old vulnerability in unpatched Cisco routers in 2021 to collect network information belonging to European and US government organizations, and about 250 Ukrainian victims.

Wrong time to weaken encryption, UK IT chartered institute tells government
2023-04-18 11:27

There cannot be a "British internet," or a version of end-to-end encryption that is specific to the UK. The UK Government must urgently rethink the Bill, revising it to encourage companies to offer more privacy and security to its residents, not less. "There is grave concern that the Online Safety Bill's requirements around identifying illegal content could break the principle of end-to-end encryption with the promise of a magical backdoor. Once a backdoor has been compromised, data and content protected by the encryption becomes accessible. This is exactly what many bad actors would welcome."

SD Worx shuts down UK payroll, HR services after cyberattack
2023-04-10 15:32

Belgian HR and payroll giant SD Worx has suffered a cyberattack causing them to shut down all IT systems for its UK and Ireland services. SD Worx is a European HR and payroll management company based out of Belgium that services 5.2 million employees for over 82,000 companies, according to its website.

UK criminal records office confirms cyber incident behind portal issues
2023-04-06 19:38

The UK's Criminal Records Office has finally confirmed, after weeks of delaying issuing a statement, that online portal issues experienced since January 17 resulted from what it described as a "Cyber security incident." ACRO is the country's national law enforcement organization responsible for managing criminal record information, providing criminal records on request, and sharing those records with foreign nations.

UK data watchdog fines TikTok £12.7M for failing to protect kids
2023-04-04 13:42

Fresh off the back of an embarrassing "Grilling" by US Congress on national security grounds, TikTok has received a more concrete reprimand from the UK's Information Commissioner's Office - a fine of £12.7 million for "Misusing children's data." Despite TikTok's own rules disallowing children under the age of 13, the video-sharing app's whirlwind success has meant that some 1.4 million kids in the UK used it in 2020 by the ICO's estimates.

UK Runs Fake DDoS-for-Hire Sites
2023-04-03 11:05

The NCA says all of its fake so-called "Booter" or "Stresser" sites which have so far been accessed by several thousand people-have been created to look like they offer the tools and services that enable cyber criminals to execute these attacks. "However, after users register, rather than being given access to cyber crime tools, their data is collated by investigators," reads an NCA advisory on the program.

UK creates fake DDoS-for-hire sites to identify cybercriminals
2023-03-24 16:35

The U.K.'s National Crime Agency revealed today that they created multiple fake DDoS-for-hire service websites to identify cybercriminals who utilize these platforms to attack organizations. NCA says several thousands of people accessed its fake sites, which had a realistic appearance as a genuine booter service.

UK.gov bans TikTok from its devices as a 'precaution' over spying fears
2023-03-16 14:34

The United Kingdom government has banned use of Chinese social media platform TikTok among ministers and officials on their work devices as a "Precautionary" measure over worries the app is used to snoop on Brits. Speaking to Parliament this afternoon, Oliver Dowden, chancellor of the Duchy of Lancaster and Secretary of State who oversees Cabinet Office policy, said the ban would have immediate effect and applied to devices issued within ministerial and non-ministerial departments, but not to "Personal devices for government employees or ministers or the general public."

UK refreshes national security plan to stop more of China's secret-stealing cyber-tricks
2023-03-14 07:40

UK Prime Minister Rishi Sunak on Monday announced the National Protective Security Agency as part of a refresh of the government's security strategy known as the "Integrated Review". The refresh included the replacement of the UK's Conflict, Stability and Security Fund with an Integrated Security Fund that's funded to the tune of £1 billion to "Deliver on the core objectives of the Integrated Review at home and around the world, including in economic and cyber security, counter terrorism and human rights."