Security News
The United Kingdom's Information Commissioner's Office revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. Tracked as CVE-2021-34473, CVE-2021-34523, and CVE-2021-31207, these security flaws were chained to hack into the commission's Exchange Server 2016 and deploy web shells, which allowed the attackers to gain persistence after installing web shells and backdoors.
UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. "We're proud to have assisted law enforcement in locating and arresting one of the alleged criminals responsible for the cyber attack against MGM Resorts and many others," MGM said as part of the law enforcement statement.
Cops in the UK have arrested a suspected member of the notorious Scattered Spider crime gang, which is accused of crippling MGM Resorts in Las Vegas with ransomware last summer. West Midlands police - along with officials from Britain's National Crime Agency and the FBI - cuffed the 17-year-old, of Walsall, England, on Thursday.
Australian Craig Wright has finally admitted he is not the inventor of Bitcoin after losing several cases in the High Court of England and Wales, whose judge has suggested he be investigated for perjury. Wright has for years claimed to be Satoshi Nakamoto - the pseudonym used by whoever wrote the whitepaper that defined Bitcoin and created the reference architecture for the cryptocurrency.
The complaint follows a similar protest in the European Union under the General Data Protection Regulation, which resulted in the social media biz agreeing to pause plans to train AI models on EU users' Facebook and Instagram users' posts. Although UK data protection law currently mirrors that in the EU, its decision to leave the economic and political bloc came into effect at the end of 2020.
ASIA IN BRIEF The interim CEO of the UK's National Cyber Security Centre has criticized China's approach to bug reporting. After first pointing out that UK authorities have not attributed that incident to a Chinese actor, Oswald said "Chinese actors' approach in cyberspace over the last 18 months should worry us all."
Certificate Watch Demonstrating that Microsoft is not alone in its inability to keep track of certificates is UK power market biz Elexon. Elexon is an important cog in the UK's wholesale electricity market machine and provides operational data via its Insight Solution platform.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.
The U.K. is by no means a reflection of Europe as a whole when it comes to technical proficiency. "We must strive for greater collaboration between higher education institutions, government and the technology industry to meet the rapidly evolving skill requirements of the digital economy. Without this collaboration and the right level of investment, we will continue to fall behind in technical skills proficiency."