Security News

UK mulls making MSPs subject to mandatory security standards where they provide critical infrastructure
2022-01-20 17:15

NIS is the main law controlling security practices in the UK today. Currently a straight copy of the EU NIS Directive, one of the benefits of Brexit leapt upon by the Department for Digital, Culture, Media and Sport is the new ability to amend NIS's reporting thresholds.

Privacy is for paedophiles, UK government seems to be saying while spending £500k demonising online chat encryption
2022-01-20 15:06

The British government's PR campaign to destroy popular support for end-to-end encryption on messaging platforms has kicked off, under the handle "No Place To Hide", and it's as broad as any previous attack on the safety-guaranteeing technology. Judging by videos earnestly distributed by organisations supporting it, the No Place To Hide campaign is much wider than merely targeting Facebook Messenger as was previously thought.

NortonLifeLock and Avast tie-up falls under UK competition regulator's spotlight
2022-01-20 11:03

The UK's Competition and Markets Authority has invited comments from industry and interested parties about NortonLifeLock's proposed $8bn purchase of fellow infosec outfit Avast. "The CMA is considering whether it is or may be the case that this transaction, if carried into effect, will result in the creation of a relevant merger situation under the merger provisions of the Enterprise Act 2002," it said.

UK’s Cyber Security Center publishes new guidance to fight smishing
2022-01-19 16:44

UK's National Cyber Security Center has published new guidance for organizations to follow when communicating with customers via SMS or phone calls. Use a five-digit number instead of a regular phone number.

UK Government to Launch PR Campaign Undermining End-to-End Encryption
2022-01-18 12:05

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they'll lean heavily on the "Think of the children!" rhetoric we're seeing in this current wave of the crypto wars.

UK jails man for spying on teenagers, stealing photos using RATs
2022-01-12 18:38

A Nottingham man was imprisoned this week for more than two years after hacking the computers and phones of dozens of victims, some of them underage, and spying on them using remote access trojans. 32-year-old Robert Davies used fake online social media profiles and Skype accounts for catfishing his victims and hacking their devices by sending links that allowed him to infect them with RATs obfuscated using crypters.

Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?
2022-01-11 10:17

Electric car chargers will have to include secure boot and automatic network disconnection if unsigned software runs on the smart devices - but only from 2023, the British government has said. New security requirements for smart chargers won't be enforced until the last day of this year, according to government papers reviewed by The Register.

John Edwards takes the reins at the UK's data protection watchdog
2022-01-04 13:58

The Information Commissioner's Office has confirmed that former New Zealand privacy commissioner John Edwards has started his new role as the UK's Information Commissioner. While legal experts have warned of the dangers of the UK straying too far from the EU's General Data Protection Directive - or risking the adequacy decision which currently allows data sharing between the UK and the EU to support business as usual - his message is don't stop believing.

#UK
Why the UK’s energy sector is fragile and ripe to cyber attacks
2022-01-03 05:50

One sector that I believe is ripe and particularly susceptible to cyber attacks currently is the UK's energy sector. Impacted by a surge in demand for energy by countries across the northern hemisphere, the supply chain that services the UK's critical need for gas and electricity is currently grappling with a widespread energy crisis as we head into winter.

UK National Crime Agency finds 225 million previously unexposed passwords
2021-12-21 07:10

The US Attorney's Office of Massachusetts on Monday announced the extradition of Vladislav Klyushin, a Russian business executive with ties to the Kremlin, on charges of hacking US computer networks and committing securities fraud by trading on undisclosed financial data. Klyushin, 41, a resident of Moscow, Russia, was arrested in Sion, Switzerland on March 21, 2021, reportedly upon disembarking from his private jet while on vacation with his family.