Security News

UK’s Cyber Security Center publishes new guidance to fight smishing
2022-01-19 16:44

UK's National Cyber Security Center has published new guidance for organizations to follow when communicating with customers via SMS or phone calls. Use a five-digit number instead of a regular phone number.

UK Government to Launch PR Campaign Undermining End-to-End Encryption
2022-01-18 12:05

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they'll lean heavily on the "Think of the children!" rhetoric we're seeing in this current wave of the crypto wars.

UK jails man for spying on teenagers, stealing photos using RATs
2022-01-12 18:38

A Nottingham man was imprisoned this week for more than two years after hacking the computers and phones of dozens of victims, some of them underage, and spying on them using remote access trojans. 32-year-old Robert Davies used fake online social media profiles and Skype accounts for catfishing his victims and hacking their devices by sending links that allowed him to infect them with RATs obfuscated using crypters.

Secure boot for UK electric car chargers isn't mandatory until 2023 – but why the delay?
2022-01-11 10:17

Electric car chargers will have to include secure boot and automatic network disconnection if unsigned software runs on the smart devices - but only from 2023, the British government has said. New security requirements for smart chargers won't be enforced until the last day of this year, according to government papers reviewed by The Register.

John Edwards takes the reins at the UK's data protection watchdog
2022-01-04 13:58

The Information Commissioner's Office has confirmed that former New Zealand privacy commissioner John Edwards has started his new role as the UK's Information Commissioner. While legal experts have warned of the dangers of the UK straying too far from the EU's General Data Protection Directive - or risking the adequacy decision which currently allows data sharing between the UK and the EU to support business as usual - his message is don't stop believing.

#UK
Why the UK’s energy sector is fragile and ripe to cyber attacks
2022-01-03 05:50

One sector that I believe is ripe and particularly susceptible to cyber attacks currently is the UK's energy sector. Impacted by a surge in demand for energy by countries across the northern hemisphere, the supply chain that services the UK's critical need for gas and electricity is currently grappling with a widespread energy crisis as we head into winter.

UK National Crime Agency finds 225 million previously unexposed passwords
2021-12-21 07:10

The US Attorney's Office of Massachusetts on Monday announced the extradition of Vladislav Klyushin, a Russian business executive with ties to the Kremlin, on charges of hacking US computer networks and committing securities fraud by trading on undisclosed financial data. Klyushin, 41, a resident of Moscow, Russia, was arrested in Sion, Switzerland on March 21, 2021, reportedly upon disembarking from his private jet while on vacation with his family.

UK govt shares 585 million passwords with Have I Been Pwned
2021-12-20 17:49

The United Kingdom's National Crime Agency has contributed more than 585 million passwords to the Have I Been Pwned service that lets users check if their login information has leaked online. Just like with the passwords coming from the FBI, this massive collection has been added to the Pwned Passwords data that allows searching if a password has been compromised.

#UK
Friday Squid Blogging: UK Recognizes Squid as Sentient Beings
2021-12-17 22:01

The UK government has officially included decapod crustaceans-including crabs, lobsters, and crayfish-and cephalopod mollusks-including octopuses, squid, and cuttlefish-in its Animal Welfare Bill. This means they are now recognized as "Sentient beings" in the UK. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

#UK
National Cyber Strategy will lead to BritChip for mobile devices by 2025, claims UK.gov
2021-12-16 07:29

The British government has launched a £2.6bn National Cyber Strategy, intended to steer the state's thinking on cyber attack, defence and technology for the next three years - and there's some good news if you run a tech company. Its authors praised the formation of the National Cyber Force "Offensive cyber activity" unit, a joint venture between spy agency MI6, domestic intel agency GCHQ and the Ministry of Defence.