Security News

In a joint alert this week, the United States and the United Kingdom warned that a piece of malware has infected over 62,000 QNAP network-attached storage devices. "Due to these data breach concerns, QNAP devices that had been infected may still be vulnerable to reinfection after removing the malware," the company said.

The UK Cabinet Office is to take control of government data from the Department for Digital, Media, Culture and Sport. "A written statement from Prime Minister Boris Johnson under the heading"Machinery of Government", dated 22 July, reads: "Responsibility for government use of data has transferred from the Department for Digital Culture Media and Sport to the Cabinet Office.

Common cybersecurity threats also apply to Premier League football clubs, according to the National Cyber Security Centre, which said that one club nearly sent £1m to fraudsters after a business email compromise attack. "Adenike Cosgrove of email security biz Proofpoint commented:"The sporting industry has complex supply chains and frequently transfers large payment sums, making it a prime target for business email compromise attacks.

Legal told The Register that the laws "Cut away some of the powers which up until today can be used to obtain communications data". In other words, as section 12(5)(a)(i) puts it, any surveillance power granted to the public sector under any law other than the Snoopers' Charter itself or the Regulation of Investigatory Powers Act 2000 now can't be exercised unless your telco or Royal Mail can be persuaded to hand over access to your communications.

An influential UK Parliamentary committee has called on social media companies to remove covert hostile state material and said the government must "Name and shame" those that fail to act. We are concerned that there is no clear coordination of the numerous organisations across the UK intelligence community working on , this is reinforced by an unnecessarily complicated wiring diagram of responsibilities amongst ministers.... The focus of political attention because of its relevance to the EU referendum and subject to delay at the hands of Prime Minister and his office, the report also details use of technology and social media for nefarious Russian activity.

The UK government has admitted it deployed the COVID-19 Test and Trace programme without a Data Protection Impact Assessment required by law, according to privacy campaigners the Open Rights Group. The ORG said the Department of Health and Social Care had confirmed in writing that the impact assessment had not been carried out following its legal complaint to data protection watchdog the Information Commissioner's Office.

Britain, the United States and Canada on Thursday accused a hacking group called APT29 of spearheading the online attacks on various organisations involved in COVID-19 vaccine development. Moscow quickly rejected the accusations as "Groundless", and its ambassador to London said in a British television interview Sunday the claims made "No sense".

The Kremlin on Thursday denied claims by Britain that "Russian actors" sought to meddle in last year's general election and that Russian intelligence services most likely hacked coronavirus vaccine research. "We have no information on who could have hacked pharmaceutical companies and research centres in Britain," Kremlin spokesman Dmitry Peskov told the TASS news agency.

The Kremlin-backed APT29 crew, also known by a variety of other names such as Cozy Bear, Iron Hemlock, or The Dukes, depending on which threat intel company you're talking to that week, is believed by most reputable analysts to be a wholly owned subsidiary of the FSB, modern-day successor to the infamous Soviet KGB. NCSC ops director Paul Chichester said in a statement: "We condemn these despicable attacks against those doing vital work to combat the coronavirus pandemic." Foreign Secretary Dominic Raab added: "It is completely unacceptable that the Russian Intelligence Services are targeting those working to combat the coronavirus pandemic. While others pursue their selfish interests with reckless behaviour, the UK and its allies are getting on with the hard work of finding a vaccine and protecting global health."

Britain, the United States and Canada accused Russian hackers on Thursday of trying to steal information from researchers seeking a coronavirus vaccine, warning scientists and pharmaceutical companies to be alert for suspicious activity. Intelligence agencies in the three nations alleged that the hacking group APT29, also known as Cozy Bear and said to be part of the Russian intelligence services, is attacking academic and pharmaceutical research institutions involved in COVID-19 vaccine development.