Security News

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

British infosec accreditation body CREST has appointed an ex-police officer to investigate the NCC Group exam cheat-sheet scandal as its chairman temporarily steps aside. The accreditation body has been rocked by revelations from The Register that major industry player NCC Group's training material was leaked in a Github repo alongside cheat sheets to help candidates pass accreditation exams first time.

British infosec accreditation body CREST has suspended all of its accreditation exams after The Register revealed a published cache of files including what appeared to be internal exam sheets as well as docs apparently tied to key industry player NCC Group. We understand from sources that the security body has suspended all of its CREST Certified Infrastructure Tester and CREST Certified Web Application Tester exams for up to a month while their contents are reviewed.

Since the beginning of 2020, the North Korea-linked threat group known as Lazarus has successfully compromised dozens of organizations in Israel and other countries by targeting their employees with appealing job offers, UK-based cybersecurity firm ClearSky reported this week. Earlier this week, the Israeli defense ministry claimed to have successfully prevented a Lazarus attack targeting the country's defense manufacturers, but ClearSky says that the attackers were in fact successful in their attempts.

UK workers are spending an extra two hours at work every day while people in the US are working three extra hours, according to an analysis of VPN data. NordVPN Teams found that people in both countries are still working the extra hours that started in April when coronavirus lockdowns started.

British Airways expects the fine for its 2018 credit card data leak to be just 10.8 per cent of the £183m proposed by the UK data watchdog - while US hotel chain Marriott has both halved and kicked its own data blunder punishment into the long grass once again, The Register can reveal. Marriott has secured an extension for fine negotiations to 30 September, having secured two already; one from January to 31 March and a second that ran through May. On top of that, the company set aside $65m to cover its proposed fine, down from the Information Commissioner's original intention to impose a £99m penalty.

Former UK trade minister and current Conservative MP Dr. Liam Fox has been named as the source of hacked trade documents released during last year's British elections. A report from Reuters cited two anonymous sources who say that the 58 year-old Fox, who has since stepped down, had an email account taken over by Russian hackers, who then used it to obtain and release documents about Anglo-American trade talks.

The chairman of UK Parliament's Defence Committee has suggested making popular app TikTok subject to Huawei-style code reviews by GCHQ, if its reported move to a new London HQ comes true. Calls to simply ban TIKTOK are shortsighted - we are losing this tech Cold War.

China's ambassador to Britain has threatened to withdraw Huawei and several billions in investment following the government's decision to ban the manufacturer's products from 5G mobile networks. Following US sanctions aimed at disrupting Huawei's use of US chip design tech, Britain's National Cyber Security Centre declared it would not vet homegrown Chinese chips in Huawei equipment, giving the government justification for a ban on national security grounds.

In a joint alert this week, the United States and the United Kingdom warned that a piece of malware has infected over 62,000 QNAP network-attached storage devices. "Due to these data breach concerns, QNAP devices that had been infected may still be vulnerable to reinfection after removing the malware," the company said.