Security News
The UK's National Cyber Security Centre says it's in the planning stages of bringing a new suite of services to its existing Active Cyber Defence program. Existing services under ACD 1.0 such as Logging Made Easy and Protective DNS are already run by external partners - CISA and Cloudflare respectively - but some, such as Early Warning, can only ever be run by the NCSC due to their very nature.
The UK's National Crime Agency has shut down an outfit called Russian Coms - a call-spoofing service believed to have swindled hundreds of thousands of victims. Police arrested a third man from Newham, age 28, who is accused of being an affiliate and a courier for the handsets required to use the spoofing service.
The United Kingdom's National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. [...]
The UK's Electoral Commission has received a formal slap on the wrist for a litany of security failings that led to the theft of personal data belonging to around 40 million voters. Official documents from the Information Commissioner's Office say the people responsible for the 2021 cyberattack on the Electoral Commission's Microsoft Exchange Server are unknown.
The United Kingdom's Information Commissioner's Office revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, these security flaws were chained to hack into the commission's Exchange Server 2016 and deploy web shells, which allowed the attackers to gain persistence after installing web shells and backdoors.
UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. "We're proud to have assisted law enforcement in locating and arresting one of the alleged criminals responsible for the cyber attack against MGM Resorts and many others," MGM said as part of the law enforcement statement.
Cops in the UK have arrested a suspected member of the notorious Scattered Spider crime gang, which is accused of crippling MGM Resorts in Las Vegas with ransomware last summer. West Midlands police - along with officials from Britain's National Crime Agency and the FBI - cuffed the 17-year-old, of Walsall, England, on Thursday.
Australian Craig Wright has finally admitted he is not the inventor of Bitcoin after losing several cases in the High Court of England and Wales, whose judge has suggested he be investigated for perjury. Wright has for years claimed to be Satoshi Nakamoto - the pseudonym used by whoever wrote the whitepaper that defined Bitcoin and created the reference architecture for the cryptocurrency.
The complaint follows a similar protest in the European Union under the General Data Protection Regulation, which resulted in the social media biz agreeing to pause plans to train AI models on EU users' Facebook and Instagram users' posts. Although UK data protection law currently mirrors that in the EU, its decision to leave the economic and political bloc came into effect at the end of 2020.
ASIA IN BRIEF The interim CEO of the UK's National Cyber Security Centre has criticized China's approach to bug reporting. After first pointing out that UK authorities have not attributed that incident to a Chinese actor, Oswald said "Chinese actors' approach in cyberspace over the last 18 months should worry us all."