Security News

UK Energy Startup 'People's Energy' Discloses Data Breach
2020-12-18 14:42

UK energy supplier People's Energy this week started informing customers of a data breach that affected some of their personal information. In a data breach notification published on its website, the energy supplier reveals that, on December 16, it was the victim of a cyberattack in which an unauthorized party accessed one of the systems used to store member data.

Whistleblowers have come to us alleging spy agency wrongdoing, says UK auditor IPCO
2020-12-17 12:35

Police forces were found by IPCO to be treating applications to use spying powers as a tickbox exercise, perhaps unsurprisingly given that these are self-authorisations rubberstamped by police managers themselves. "To provide oversight that satisfies this judgment, IPCO reviewed the use of bulk data at GCHQ and has now incorporated the sharing of bulk data with foreign partners into its regular oversight and inspection arrangements," said IPCO in a statement.

UK Home Office chucks US firm Leidos £30m for help snooping on comms data
2020-12-17 09:30

The UK's Home Office has handed a £30m contract to engineering and IT outfit Leidos to help government agencies access and analyse communications data for combatting terrorism and organised crime. The Home Office's National Communications Data Service launched the Agile Data Retention and Disclosure Services last year with a prior information notice to the market.

UK proposes new powers for comms regulator to legally unleash avenging hordes on security-breached telcos
2020-12-16 12:32

Britain's Telecommunications Security Bill will allow anyone to sue their telco if they suffer "Loss or damage" as a result of a system breach - but only if they get Ofcom's permission. Buried in the details away from the China-bashing stuff is a potentially heavy stick to be wielded by telco regulator Ofcom, pitting baying crowds against telecoms operators.

Massive Subway UK phishing attack is pushing TrickBot malware
2020-12-11 08:41

A massive phishing campaign pretending to be a Subway order confirmation is underway distributing the notorious TrickBot malware. TrickBot is a trojan malware infection commonly distributed through phishing campaigns or installed by other malware.

UK union pens letter to data watchdog on icky workplace monitoring systems like Microsoft's Productivity Score
2020-12-10 13:30

UK trade union Prospect has chimed in with the chorus of disapproval at technologies such as Microsoft's Productivity Score being used on the nation's workers. The letter [PDF], sent to data watchdog the Information Commissioner's Office, makes clear the disquiet felt at the potential level of employee monitoring afforded even while acknowledging the rapid back-pedalling undertaken by Redmond amid the furore.

UK Ministry of Defence: We won't prosecute bug bounty hunters – oh btw, we now have one of those
2020-12-10 10:28

The UK's Ministry of Defence has launched a bug bounty scheme, promising privateer pentesters they won't be prosecuted if they stick to the published script. The MoD has joined forces with bug bounty platform HackerOne, with the scheme seemingly being aimed at those who probe external web-facing parts of the ministry's sprawling digital estate.

Bitter war of words erupts between UK cops and web security expert over alleged flaws in Cyberalarm monitoring tool
2020-12-09 09:30

A war of words has erupted between the National Police Chiefs' Council and a British web security pro after a senior cop declared it would be "a waste of public money" to keep discussing security flaws in the body's Cyberalarm product. Paul Moore says he uncovered what he described as a number of serious flaws in Cyberalarm, a distributed logging and monitoring tool intended to be deployed by small public-sector organisations.

UK Cybersecurity Firm Glasswall Raises £18 Million
2020-12-02 14:58

UK-based cybersecurity company Glasswall this week announced that it has raised £18 million in equity capital, which it will use to fund its expansion. Glasswall has developed a product designed to protect organizations against file-based threats using content disarm and reconstruction technology, which removes potentially malicious code from files.

UK to Ban New Huawei Gear Installations After Sept
2020-11-30 19:02

Wireless carriers in the U.K. won't be allowed to install Huawei equipment in their high-speed 5G networks after September 2021, the British government said Monday, hardening its line against the Chinese technology company. The government of Prime Minister Boris Johnson in July banned Huawei from having a role in building Britain's next-generation mobile phone networks over security concerns triggered by U.S. sanctions.