uk
UK fines software provider £3.07 million for 2022 ransomware breach
The UK Information Commissioner’s Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people, including National Health Service (NHS) patients. The cyberattack was announced in early August 2022 when various NHS services, including 111 emergency services, suffered significant outages, pointing […]
UK urges critical orgs to adopt quantum cryptography by 2035
The UK’s National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035. The new guidance aims to provide a structured migration plan with specified milestones for all organizations to follow. It will also serve to highlight the real security risks of […]
UK watchdog probes TikTok and Reddit over child privacy concerns
On Monday, the United Kingdom’s privacy watchdog announced that it’s investigating TikTok, Reddit, and Imgur because of privacy concerns about how they are processing children’s data. The Information Commissioner’s Office (ICO) says it’s now looking into how TikTok uses children’s data to make recommendations that could lead to inappropriate or harmful content being added to their […]
Apple pulls iCloud end-to-end encryption feature in the UK
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data. As Apple told GeekFeed on Friday, the optional Advanced Data Protection (ADP) feature introduced in December 2022 will no longer be available for new users in the U.K. starting today. This decision follows a secret […]
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. Such devices, including firewalls, routers, virtual private networks (VPN) gateways, internet-facing servers and operational technology (OT) systems, and Internet of Things (IoT) devices, […]
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. The company manages and operates over 11 million .uk, .co.uk, and .gov .uk domain names and other top-level domains, including .cymru and .wales. It also […]
UK disrupts Russian money laundering networks used by ransomware
A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. Dubbed “Operation Destabilise,” this international investigation has led to the arrest of 84 Russian-speaking suspects linked to the Smart (led by Ukrainian George Rossi) and TGR (controlled by […]
Scammers target UK senior citizens with Winter Fuel Payment texts
As the winter season kicks in, scammers are not missing the chance to target senior British residents with bogus “winter heating allowance” and “cost of living support” scam texts. The scam campaign is opportunistic given the UK government’s recent controversial stance on cutting winter fuel payments from approximately 10 million pensioners across Britain. Lookalike GOV.UK pages Scammers […]
UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls
Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. According to the ONR announcement, Sellafield failed to follow its own approved cybersecurity protocols by leaving multiple […]
Transport for London staff faces systems disruptions after cyberattack
Transport for London, the city’s public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. On Monday, the transport authority reported the incident to relevant government agencies (including the National Cyber Security Centre and the National Crime Agency). It is now working with […]