Security News

The global pandemic has provided cover for all sorts of phishing scams over the past couple of years, and the rise in alarm over the spread of the latest COVID-19 variant, Omicron, is no exception. U.K. consumer watchdog "Which?" has raised the alarm that a new phishing scam, doctored up to look like official communications from the National Health Service, is targeting people with fraud offers for free PCR tests for the COVID-19 Omicron variant.

The UK legislature is currently interested in a law about what it calls PSTI, short for Product Security and Telecommunications Infrastructure. It's a much more modest regulatory proposal, and unlike those proposals that aim to disrupt security and cryptography "Just in case we ever lock the keys in the car", its goal is to demand a modest increase in security and basic cyber-reliability in products such as mobile phones, fitness trackers, internet webcams, cloud doorbells, and temperature sensors for your pet fish.

Britain's plans to force internet-connected device vendors to declare legally binding product lifespans won't be easily evaded by shell companies, the government has told The Register. After the Product Security and Telecommunications Infrastructure Bill was introduced to Parliament last week, some questioned whether the legislation would prevent unscrupulous manufacturers and importers from avoiding legal liability by setting up shell companies.

Singapore and the UK signed three memorandums of understanding this week, hoping to strengthen digital connectivity between the two island nations. In a canned statement, Singapore's Minister for Communications and Information, Josephine Teo, said the agreement would "Further strengthen the links between Singapore and the UK in digital trade facilitation, digital identities and cybersecurity."

EB Associates, a London-based financial advisory business, is facing a £140,000 fine from the UK's data watchdog after it instigated 107,000 illegal cold calls to people about their pensions. The practice of pension cold-calling was banned by the government in January 2019 to stop people being scammed of their life savings.

The astonishingly mild sanction was revealed in a Freedom-of-Information response after senior data protection specialist Jon Baines at London law firm Mishcon de Reya asked about reprimands made under the General Data Protection Regulation. Reprimands are a formal expression of the ICO's disapproval, issued to organisations that have broken data protection law.

The head of the UK's secretive Military Intelligence Section 6 agency - popularly known as MI6 - has delivered a rare speech in which he has warned that China, Iran, and Russia use information technology to destabilise rivals, and that the agency he leads can no longer rely on in-house innovation to develop the technologies the UK needs to defend itself. MI6 boss Richard Moore delivered a speech on Thursday at the International Institute for Strategic Studies, and opened with an explanation of why the normally reclusive agency had taken the unusual step of allowing its leader to speak in public.

Following California’s lead, a new UK law would ban default passwords in IoT devices.

The CMA's claims come in the wake of yesterday's call by the UK's data watchdog, the Information Commissioner's Office, for Google and co to sort out the privacy risks posed by ads. In June the CMA consulted on initial commitments offered by Google and the feedback from third parties was... they needed a bit of work.

A company repeatedly endorsed by ministers backing the UK's Online Safety Bill was warned by its lawyers that its technology could breach the Investigatory Powers Act's ban on unlawful interception of communications, The Register can reveal. SafeToNet, a content-scanning startup whose product is aimed at parents and uses AI to monitor messages sent to and from children's online accounts, had to change its product after being warned that a feature developed for the government-approved app would break the law.