Security News

The UK's deputy prime minister, Oliver Dowden, says China has been unsuccessful in its attempts to undermine UK elections. Separately, UK parliamentarians - many of whom are known for their criticism of Beijing - had their email accounts targeted by a China state-linked group in 2021.

Crew may well be working under contract for Beijing Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US...

Leicester City Council continues to battle a suspected ransomware attack while keeping schtum about the key details. The Register has repeatedly asked for a confirmation or denial of ransomware's involvement from the council, but after ignoring us for ten days it finally replied today, only to say it still couldn't share anything beyond official statements.

UK bakery chain Greggs is the latest victim of recent point of sale system outages that forced store closures at large retail chains over the past few weeks. Greggs is a bakery chain with 2,300 branches across the UK, selling sausage rolls, baked goods, sandwiches, and sweets.

A cursory scan of the major ransomware groups' leak blogs shows none of the big names are yet claiming responsibility for the attack on Leicester City Council. "Over the weekend we have continued to work with our cybersecurity and law enforcement partners, as well as learning from other councils who have had attacks, to identify the nature of the incident and the steps we need to take to get our systems back online," said Richard Sword, strategic director of city developments and neighborhoods at Leicester City Council.

Russian state hackers are adapting their techniques to target organizations moving to the cloud, an advisory from the UK National Cyber Security Centre and international security agencies has warned. The advisory details how cyber espionage group APT29 is directly targeting weaknesses in cloud services used by victim organizations to gain initial access to their systems.

By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, students, workers, immigrants and their dependents from non-EU countries residing in the UK are eventually issued Biometric Residence Permits, cards which are proof of their immigration status in the country.

The farewell report written by the UK's biometrics and surveillance commissioner highlights a litany of failings in the Home Office's approach to governing the technology. "My time as the biometrics and surveillance camera commissioner has been interesting, challenging, and at times frustrating, in part because of a lack of engagement across Whitehall and often an absence of support in obtaining the resources needed to fulfill my functions: at no time have I had a full complement of staff," Sampson wrote.

The United Kingdom's National Cyber Security Centre is inviting members of the cybersecurity community to join its new Cyber League, which is a collective of industry experts that will work alongside the government agency to tackle security threats facing the U.K. Announced by the NCSC on Jan. 17, the Cyber League will support existing NCSC initiatives that bring together experts from the public and private sectors. The Cyber League will see members of the cybersecurity and threat intelligence industries join NCSC analysts in workshops and discussion groups to exchange insights on the growing threat landscape.

The agency says cybercriminals already use AI for various purposes, and the phenomenon is expected to worsen over the next two years, helping increase the volume and severity of cyberattacks. The NCSC believes that AI will enable inexperienced threat actors, hackers-for-hire, and low-skilled hacktivists to conduct more effective, tailored attacks that would otherwise require significant time, technical knowledge, and operational effort.