Security News

UK trade union Prospect has chimed in with the chorus of disapproval at technologies such as Microsoft's Productivity Score being used on the nation's workers. The letter [PDF], sent to data watchdog the Information Commissioner's Office, makes clear the disquiet felt at the potential level of employee monitoring afforded even while acknowledging the rapid back-pedalling undertaken by Redmond amid the furore.

The UK's Ministry of Defence has launched a bug bounty scheme, promising privateer pentesters they won't be prosecuted if they stick to the published script. The MoD has joined forces with bug bounty platform HackerOne, with the scheme seemingly being aimed at those who probe external web-facing parts of the ministry's sprawling digital estate.

A war of words has erupted between the National Police Chiefs' Council and a British web security pro after a senior cop declared it would be "a waste of public money" to keep discussing security flaws in the body's Cyberalarm product. Paul Moore says he uncovered what he described as a number of serious flaws in Cyberalarm, a distributed logging and monitoring tool intended to be deployed by small public-sector organisations.

UK-based cybersecurity company Glasswall this week announced that it has raised £18 million in equity capital, which it will use to fund its expansion. Glasswall has developed a product designed to protect organizations against file-based threats using content disarm and reconstruction technology, which removes potentially malicious code from files.

Wireless carriers in the U.K. won't be allowed to install Huawei equipment in their high-speed 5G networks after September 2021, the British government said Monday, hardening its line against the Chinese technology company. The government of Prime Minister Boris Johnson in July banned Huawei from having a role in building Britain's next-generation mobile phone networks over security concerns triggered by U.S. sanctions.

A UK infosec bod has launched a petition asking the government if it would please drop its plans to install backdoors in end-to-end encryption. Application security specialist Sean Wright's Parliamentary petition comes as an expression of uneasiness at long-signalled plans for British state agencies to sidestep encryption and enable snooping on private citizens' online conversations at will.

The UK National Cyber Security Centre issued an alert yesterday, prompting all organizations to patch the critical CVE-2020-15505 remote code execution vulnerability in MobileIron mobile device management systems. NCSC is warning that they are aware of hacking groups actively using the MobileIron CVE-2020-1550 vulnerability to compromise the networks in the healthcare, local government, logistics, and legal sectors.

Telecom companies in Britain face hefty fines if they don't comply with strict new security rules under a new law proposed in Parliament on Tuesday that is aimed at blocking high-risk equipment suppliers like China's Huawei. The Telecommunications Bill tightens security requirements for new high speed 5G wireless and fiber optic networks, with the threat of fines of up to either 10% of sales or 100,000 pounds a day for companies that don't follow the rules.

Google faces fresh regulatory scrutiny in Britain over plans to revamp its ad data system, after an industry lobbying group complained to the competition watchdog that the changes would cement the U.S. tech giant's online dominance. The new technology would remove so-called third party cookies that allow users to be tracked across the internet by storing information on their devices, replaced by tools owned by Google.

Google's Privacy Sandbox took another knock today as Marketers for an Open Web wrote to the UK's Competition and Markets Authority requesting a block on the technology's launch. Google is walking a tightrope with its Privacy Sandbox project.