News

Privacy and data protection

March 17, 2022 17 Mar'22
Online Safety Bill introduced in Parliament

The government has introduced its long-awaited Online Safety Bill in Parliament, alongside new criminal offences and sanctions for tech company execs
March 17, 2022 17 Mar'22
Alarm raised over ‘trickster’ LokiLocker ransomware

The new LokiLocker ransomware is, like its namesake, adept at tricks and misdirection, say BlackBerry researchers
March 16, 2022 16 Mar'22
Two men convicted after using EncroChat cryptophones to plot killing

Evidence from the encrypted phone network EncroChat led to the conviction of two men for conspiracy to murder
March 16, 2022 16 Mar'22
German authorities warn on Kaspersky but stop short of ban

Germany authorities warn Kaspersky users to consider alternatives to the firm’s flagship antivirus software, citing national security concerns and the war on Ukraine

March 16, 2022 16 Mar'22
Kubernetes vulnerability underscores repeated security warnings

The disclosure of a new vulnerability in an important container runtime engine that underpins Kubernetes has drawn fresh warnings to pay attention to securing Kubernetes environments
March 15, 2022 15 Mar'22
Meta fined €17m over EU data breaches

The Irish Data Protection Commissioner has fined Meta after finding it in breach of GDPR rules
March 15, 2022 15 Mar'22
Supreme Court refuses Julian Assange extradition appeal

The case will be referred to the home secretary Priti Patel to make a decision. The WikiLeaks founder has yet to say whether he will file further appeals
March 11, 2022 11 Mar'22
Police EncroChat cryptophone hacking implant did not work properly and frequently failed

Surveillance operation against EncroChat encrypted phone network had repeated technical failures
March 09, 2022 09 Mar'22
Paid-for advertising measures included in Online Safety Bill

New measures to deal with fraudulent paid-for advertising have been included in the government’s draft Online Safety Bill, marking the fourth extension in two months
March 04, 2022 04 Mar'22
Scrapping NHS Digital a backward step for patient data rights

Former NHS Digital chair Kingsley Manning has spoken out over proposals to fold NHS Digital into NHS England, saying that more oversight is needed to safeguard patient data in light of recent events

March 03, 2022 03 Mar'22
Direct action is a risky business for Ukraine's volunteer hackers

Hackers have been responding to Ukraine’s call to create an IT army, but there are many reasons why taking direct action in a kinetic conflict is a bad idea
March 03, 2022 03 Mar'22
Use of encrypted Telegram platform soars in Ukraine, Russia

Encrypted messaging service Telegram is proving a valuable asset to both sides in Russia’s war on Ukraine
March 01, 2022 01 Mar'22
BBC blasted with millions of malicious emails

Responding to an FoI request, the BBC has revealed it receives more than 300,000 malicious email attacks every day
March 01, 2022 01 Mar'22
DCMS opens consultation on telecoms cyber standards

Proposed rules will set out the specific measures telecoms providers need to take to fulfil their legal duties under the Telecommunications Security Act
February 28, 2022 28 Feb'22
Ukraine cyber attacks seen spiking, but no destructive cyber war yet

While cyber attacks linked to Russia’s war on Ukraine are taking place, they are having little impact beyond the region
February 25, 2022 25 Feb'22
Irish data watchdog calls for ‘objective metrics’ for big tech regulation

Helen Dixon, Ireland’s data protection commissioner, says EU regulators must agree on metrics to measure the effectiveness of data protection regulation
February 24, 2022 24 Feb'22
KnowBe4 cyber drama tackles Colonial Pipeline in fourth season

KnowBe4’s ongoing cyber security training drama, The Inside Man, reaches its fourth season with a plot drawing inspiration from one of the most impactful cyber attacks of 2021
February 24, 2022 24 Feb'22
New wave of cyber attacks on Ukraine preceded Russian invasion

A wave of DDoS attacks, and a second data wiper attack, were seen hitting Ukraine in the hours leading up to the Russian invasion
February 24, 2022 24 Feb'22
New cyber guidelines to safeguard construction sector

NCSC launches sector-specific security guidance for organisations in the construction industry, with input from the Chartered Institute of Building
February 23, 2022 23 Feb'22
Paid-for advertising still not covered in Online Safety Bill

Consumer group Which? calls again for government to include measures against scam paid-for advertising in the Online Safety Bill
February 23, 2022 23 Feb'22
Backups ‘no longer effective’ for stopping ransomware attacks

Traditional methods of mitigating ransomware are less efficacious thanks to the rise in double and triple extortion techniques
February 23, 2022 23 Feb'22
No imminent cyber threat to UK from Russia

Intelligence officials say they have no evidence or indication that Russian cyber attackers are preparing offensive assaults on infrastructure or organisations in Britain
February 23, 2022 23 Feb'22
Attempted burglary exposes risk of NatWest customer data in former worker’s home

Former Royal Bank of Scotland employee offers bank a compromise in her dispute over the return of confidential customer information
February 23, 2022 23 Feb'22
Tech acquisition to be major priority for UK police

Policing minister cites technology as major focus for future of UK police, in comments made ahead of the publication of the Strategic Review of Policing in England and Wales
February 21, 2022 21 Feb'22
Zoom gains NCSC Cyber Essentials Plus and NHS security badges

Video platform Zoom has added a number of UK-specific cyber certifications to help it demonstrate its platform is safeguarded against common threats
February 18, 2022 18 Feb'22
Lawyers say ‘unprecedented’ secrecy deprived EncroChat defendants of fair trials

Lawyers from seven countries say it is impossible for their clients to challenge the accuracy, authenticity, reliability and legality of the evidence against them
February 17, 2022 17 Feb'22
Red Cross cyber attack the work of nation-state actors

The International Committee of the Red Cross now believes the January 2022 attack on its systems to have been the work of an undisclosed nation state
February 16, 2022 16 Feb'22
2021 another record year for UK cyber investment

Total revenue generated by the UK’s cyber sector was up 14% last year, and UK-registered security firms raised over £1bn in investment
February 16, 2022 16 Feb'22
DDoS attacks hit Ukrainian defence ministry and banks

A further wave of cyber attacks has taken place against targets in Ukraine amid heightened tension in the region
February 16, 2022 16 Feb'22
BlackCat ransomware gang claims responsibility for Swissport attack

Ransomware gang is trying to offload 1.6TB of data stolen from aviation services firm
February 16, 2022 16 Feb'22
Retrospect Backup refines anomaly detection in ransomware battle

StorCentric backup software brand allows customer fine-tuning of anomaly detection in struggle against ransomware, and adds immutable copies via object locking in Azure
February 15, 2022 15 Feb'22
Botched third-party configuration exposes Internet Society data to web

Personal data on members of The Internet Society was exposed after a supplier failed to secure its Azure storage
February 15, 2022 15 Feb'22
Parasol data breach: Frustrated IT contractors dig into the dark web in search of their data

The emergence on the dark web of passports, payslips and other personal documents belonging to contractors affected by the cyber attack and subsequent data breach at Parasol is prompting group actions and forcing some IT contractors to find out for ...
February 11, 2022 11 Feb'22
CMA secures final Privacy Sandbox guarantees from Google

The CMA has secured a final set of Privacy Sandbox commitments from Google relating to the proposed removal of third-party cookies from its Chrome browser
February 11, 2022 11 Feb'22
Lack of knowledge disastrous for effective security strategy within Dutch companies

Most Dutch companies still haven’t realised that security is an integral part of their IT and company strategy
February 10, 2022 10 Feb'22
How diplomatic immunity silenced the prosecutor who coordinated Sweden’s EncroChat probe

Defence lawyers claim Swedish court decision not to hear evidence from a Swedish prosecutor leaves important legal questions unanswered over international police operation to hack EncroChat cryptophone network
February 09, 2022 09 Feb'22
Minister defends digital economy legislation before Lords

A digital minister has said that the UK’s forthcoming digital markets legislation is ‘superior’ to similar efforts in the EU, but could not commit to a specific time frame for when it will be introduced to Parliament
February 09, 2022 09 Feb'22
Ransomware ever more sophisticated and impactful, warns NCSC

UK’s National Cyber Security Centre teams up with US and Australian partners in a joint advisory warning organisations of the increasing sophistication exhibited by criminal ransomware gangs
February 08, 2022 08 Feb'22
The Security Interviews: Building the UK’s future cyber ecosystem

As the government lays out the next iteration of its Cyber Security Strategy, we speak to Plexal and Lorca’s Saj Huq about his work building a cyber ecosystem to support the UK’s future ambitions
February 08, 2022 08 Feb'22
Parasol data breach: Contractors rage as fallout from umbrella cyber attack continues

Contractors working for the Parasol umbrella company are querying why it has taken so long for news of the firm's data breach, which is linked to a cyber attack on its systems five weeks ago, to come to light
February 08, 2022 08 Feb'22
Porn sites will be legally required to verify users’ ages

Porn sites could be legally obliged to verify that their users are 18 or over under proposed online safety rules, in UK government’s second attempt to prevent children from accessing pornography online
February 08, 2022 08 Feb'22
Right to disconnect and less monitoring key to better remote work

The World Health Organisation and International Labour Organisation warn against invasive workplace surveillance and promote right to disconnect in joint briefing on how to promote healthy and safe remote working
February 03, 2022 03 Feb'22
BlackCat crew supposedly behind OilTanking ransomware heist

Preliminary reports from Germany’s national cyber authority indicate the recent OilTanking ransomware attack may have been the work of the BlackCat group
February 03, 2022 03 Feb'22
Crisp supply shortage looms after KP Snacks hit by ransomware

Supplies of Hula Hoops and many other snack brands are under threat after a ransomware attack on the systems of KP Snacks
February 03, 2022 03 Feb'22
French Supreme Court raises constitutional questions over EncroChat hacking secrecy

Conseil Constitutionnel to decide whether ‘defence secrecy’ over state EncroChat cryptophone hacking breaches French constitution
February 02, 2022 02 Feb'22
Mechanism underlying cookie popups found in breach of GDPR

A fundamental element of the mechanism by which the advertising industry requests tracking consent from web users has been found in breach of the General Data Protection Regulation
February 02, 2022 02 Feb'22
Reforms needed to tackle economic crime, says Treasury Committee

The Treasury Committee is disappointed at progress towards tackling economic crime and fraud in both the online and offline worlds, and is calling for more action
February 02, 2022 02 Feb'22
British Council data exposed by third-party cyber failure

The British Council entrusted confidential data on its students to a third-party and was let down
February 01, 2022 01 Feb'22
Met Police faces legal action over Gangs Matrix

Campaign group Liberty is taking legal action against the Met over its use of the Gangs Matrix, claiming it is driven by racial stereotypes and disproportionately affects people from black and minority ethnic backgrounds
January 31, 2022 31 Jan'22
Data on children of armed forces personnel exposed in breach

Data on 4,142 children of serving armed forces personnel was exposed in a data breach at the Ministry of Defence