uk
UK Legal Aid Agency investigates cybersecurity incident
The Legal Aid Agency (LAA), an executive agency of the UK’s Ministry of Justice that oversees billions in legal funding, warned law firms of a security incident and said the attackers might have accessed financial information. Approximately 2,000 providers, including barristers, solicitor firms, and non-profit organizations, deliver civil and criminal legal aid services in England […]
UK shares security tips after major retail cyberattacks
Following three high-profile cyberattacks impacting major UK retailers, the country’s National Cyber Security Centre (NCSC) has published guidance that all companies are advised to follow to strengthen their cybersecurity defenses. The cybersecurity breaches that prompted NCSC’s alert are the recent hacks at Marks & Spencer, Co-op, and Harrods, all multi-million British retailers. The attacks started […]
UK NCSC: Cyberattacks impacting UK retailers are a wake-up call
The United Kingdom’s National Cyber Security Centre warned that ongoing cyberattacks impacting multiple UK retail chains should be taken as a “wake-up call.” Part of the GCHQ British intelligence agency, the NCSC provides support and guidance to private and public sector entities following major cybersecurity incidents to protect the UK’s critical services. In a statement […]
UK retailer Co-op shuts down some IT systems after hack attempt
British supermarket chain Co-op shut down parts of its IT systems after detecting an attempted intrusion into its network, disrupting back office and call center services. While A Co-op spokesperson confirmed the hacking attempts to GeekFeed, they have not shared whether these attempts were successful. “We have recently experienced attempts to gain unauthorized access to some […]
UK fines software provider £3.07 million for 2022 ransomware breach
The UK Information Commissioner’s Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022 ransomware attack that exposed the sensitive personal data of 79,404 people, including National Health Service (NHS) patients. The cyberattack was announced in early August 2022 when various NHS services, including 111 emergency services, suffered significant outages, pointing […]
UK urges critical orgs to adopt quantum cryptography by 2035
The UK’s National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035. The new guidance aims to provide a structured migration plan with specified milestones for all organizations to follow. It will also serve to highlight the real security risks of […]
UK watchdog probes TikTok and Reddit over child privacy concerns
On Monday, the United Kingdom’s privacy watchdog announced that it’s investigating TikTok, Reddit, and Imgur because of privacy concerns about how they are processing children’s data. The Information Commissioner’s Office (ICO) says it’s now looking into how TikTok uses children’s data to make recommendations that could lead to inappropriate or harmful content being added to their […]
Apple pulls iCloud end-to-end encryption feature in the UK
Apple will no longer offer iCloud end-to-end encryption in the United Kingdom after the government requested a backdoor to access Apple customers’ encrypted cloud data. As Apple told GeekFeed on Friday, the optional Advanced Data Protection (ADP) feature introduced in December 2022 will no longer be available for new users in the U.K. starting today. This decision follows a secret […]
Cyber agencies share security guidance for network edge devices
Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. Such devices, including firewalls, routers, virtual private networks (VPN) gateways, internet-facing servers and operational technology (OT) systems, and Internet of Things (IoT) devices, […]
UK domain registry Nominet confirms breach via Ivanti zero-day
Nominet, the official .UK domain registry and one of the largest country code registries, has confirmed that its network was breached two weeks ago using an Ivanti VPN zero-day vulnerability. The company manages and operates over 11 million .uk, .co.uk, and .gov .uk domain names and other top-level domains, including .cymru and .wales. It also […]