Security News

No matter the legal reasoning, an "Adequacy" decision to let data flow between the UK and the EU will hinge on the ups and downs of the wider Brexit negotiations, which are entering a tense final phase. At the end of the Brexit transition period, when business-as-usual trading with the EU will come to an end and the UK begins dealing with the world's largest trading bloc on new terms, the EU will need to decide whether the new UK data rules are sufficiently aligned with GDPR and allow the uninterrupted transfer of personal data from the EU to the UK. Such a decision of "Adequacy" in the relationship with EU data law is said to be important to the UK working as a successful digital economy.

UHS insists patient care continues to be delivered and that "No patient or employee data appears to have been accessed, copied or otherwise compromised." A UHS spokesperson declined to provide further details or to comment on unsubstantiated claims made via social media suggesting the involvement of the Ryuk ransomware family.

Texts were received by unsuspecting members of the public between 29 February and 30 April, said the UK Information Commissioner's Office. The texts promoted Zoono-branded hand cleaning products that purported to be "Effective against coronavirus," said the ICO. Reg readers will remember that silly members of the public bulk-bought certain products, including toilet paper and hand sanitisers as the spread of the potentially deadly virus made its way across Europe.

The British Airline Pilots' Association has told American aviation regulators that the Boeing 737 Max needs better fixes for its infamous MCAS software, warning that a plane crash which killed 149 people could happen again. Airlines, in contrast, are broadly happy with proposed changes to the Boeing 737 Max, even as trade unions bellow at the US Federal Aviation Administration that more needs to be done.

In the absence of a working contact tracing app, the UK government has been forced to rely on manual data collection and human-powered tracing to identify potential cases of exposure to the Covid-19 virus. As this information is recorded and stored digitally, any concerns regarding an app-based approach to contact tracing also apply to manual contact tracing.

Conservative backbencher David Davis has vowed to ask questions in Parliament over Uber's seemingly unregulated sharing of data with police and transport regulators as it battled to save its London private hire operator's licence. In November 2019, Uber was formally stripped of its licence after what Transport for London called a "Pattern of failures", including allowing random third parties to upload their mugshots to legitimate Uber driver accounts, bypassing background checks.

The U.K.'s National Cyber Security Center has released a guide to help organizations get started with implementing a vulnerability disclosure process. A well-defined vulnerability disclosure program, NCSC argues, prevents reputational damage that public disclosure may cause, and allows companies not only to establish a way to take action on the identified vulnerabilities, but also to inform the reporting entity that the issue is being managed.

For the past year, Russia-linked threat actor Strontium has targeted hundreds of organizations in the United States and the United Kingdom to harvest account credentials, Microsoft reveals. On Thursday, Microsoft published information on a newly identified Strontium campaign that focused on harvesting Office365 credentials for tens of thousands of accounts at organizations in the US and UK, many of them directly involved in political elections.

Britain's data watchdog says it has snared Swansea-based business CPS Advisory for making more than 100,000 "Unauthorised direct marketing calls" to people about their pensions, and subsequently fined the company £130,000. Under a change to the Private and Electronics Communications Regulation in 2019, a firm can only make live calls to folks about work or a personal pension scheme if they are authorised to do so by the Financial Conduct Authority, or it is the trustee or manager of such a pension.

Lawyers for WikiLeaks founder Julian Assange on Monday failed to persuade a British judge to throw out new US allegations against him, as he resumed his fight to avoid extradition to the United States for leaking military secrets. Inside, Assange's lawyers sought to "Excise" new allegations lodged by Washington in recent weeks, saying they had not had time to formulate a proper response.