Security News

In a move akin to calling the fire brigade after your house has burned down, the UK government today announced the passage of a bill that would afford it powers to intervene in potentially hostile direct investment. The National Security and Investment Bill, which was introduced last November and has since received royal assent, gives the government powers to scrutinise, alter, and block transactions where there is a risk to national security.

Google has urged the UK's Supreme Court to throw out a £3bn lawsuit brought by an ex-Which director over secretly planted tracking cookies on devices running Safari, on the grounds that local law doesn't allow for opt-out class action lawsuits. The case, being heard over two days this week in the Supreme Court, the final court of appeal in Britain for civil cases, has huge implications for legal businesses and investors as well as data protection law.

Google on Wednesday began a legal bid at Britain's highest court to try to block a class action alleging that it illegally tracked millions of iPhone users. In October 2018, the High Court dismissed the case but the Court of Appeal overturned the decision in October 2019, allowing it to proceed.

UK rail network Merseyrail has confirmed a cyberattack after a ransomware gang used their email system to email employees and journalists about the attack. Merseyrail is a UK rail network that provides train service through sixty-eight stations in the Liverpool City Region in England.

A new malicious piece of spyware is targeting Android users in the U.K. in an attempt to snag their passwords and other private information. Affecting Android phones and devices across the U.K., FluBot is triggered after a user receives a text message asking them to install a tracking app in response to a "Missed delivery package." Clicking on the link in the text directs the victim to a scam website that launches the spyware.

Phone, tablet, and IoT gadget makers will have to state when they'll stop providing security updates for new devices entering the market, the UK's Department for Culture, Media and Sport vowed this morning. Today's pledge would see existing plans for internet-connected tat extended to smartphones and tablets, which is a large step for a scheme originally put together for landfill Internet-of-Things devices such as webcams.

UK Home Secretary Priti Patel will badmouth Facebook's use of end-to-end encryption on Monday evening as she links the security technology with paedophilia, terrorism, organised crime, and so on. The ever-popular politician will say at the National Society for the Prevention of Cruelty to Children event: "Sadly, at a time when we need to be taking more action, Facebook are pursuing end-to-end encryption plans that place the good work and progress achieved so far in jeopardy."

Russia's infamous APT 29, aka Cozy Bear, was behind the SolarWinds Orion attack, the US and UK governments said today as America slapped sanctions on Russian infosec companies as well as expelling diplomats from that country's US embassy. "The Russian Intelligence Services' third arm, the SVR, is responsible for the 2020 exploit of the SolarWinds Orion platform and other information technology infrastructures. This intrusion compromised thousands of US government and private sector networks," said the US Treasury.

An iPhone and Android app called NHS COVID-19 is the official iPhone and Android coronavirus contact tracing software for the vast majority of the population of Great Britain. Apparently, the government was keen to have an updated version of the NHS COVID-19 app ready in time, with added location tracking features that would allow users to share their location logs with the health service.

Nearly a third of Britons use the name of their pet or a family member as a password, the National Cyber Security Centre has said as it advised folk to adopt what looks very much like a Register forum user's suggestion for secure password generation. A survey of 1,282 British adults commissioned by the NCSC showed that 15 per cent used a pet's name while 14 per cent use the name of a family member as a password.