Wednesday, October 27, 2021

Ransomware attacks in UK have doubled in a year, says GCHQ boss

Jeremy Fleming says ransomware is proliferating as it is ‘largely uncontested’ and highly profitableThe head of the UK spy agency GCHQ has disclosed that the number of ransomware attacks on British institutions has doubled in the past year.Jeremy Fleming,...

At least 13 phone firms hit by suspected Chinese hackers since 2019, say experts

LightBasin hackers were able to obtain subscriber information and call metadata, says CrowdStrikeAt least 13 phone companies around the world have been compromised since 2019 by sophisticated hackers who are believed to come from China, a cybersecurity expert group...

NSO Pegasus spyware can no longer target UK phone numbers

Israeli maker of surveillance software blocked +44 code after detecting hack against Princess Haya, source saysThe powerful spyware used to hack into mobile phones belonging to Princess Haya and her divorce lawyer Fiona Shackleton is no longer effective against...

Dubai ruler hacked ex-wife using NSO Pegasus spyware, high court judge finds

Sheikh Mohammed used spyware on Princess Haya and five associates in unlawful abuse of power, judge rules The ruler of Dubai hacked the phone of his ex-wife Princess Haya using NSO Group’s controversial Pegasus spyware in an unlawful abuse...

‘The walls are closing in on me’: the hacking of Princess Haya

Court judgments reveal how Sheikh Mohammed’s use of Pegasus spyware against his ex-wife was uncovered Eleven court judgments, covering 181 pages, plus hundreds of other pages of legal documents have revealed an extraordinary spying scandal: state-sponsored mobile phone hacking...

Nuisance calls could lead to multimillion-pound fines in UK

Ministers considering bringing punishment in line with GDPR, which can issue fine of up to £17.5mMultimillion-pound fines could be imposed for nuisance or fraudulent calls and texts under a proposed overhaul of the UK’s data rules.Companies behind nuisance communications...

What is GDPR and why does the UK want to reshape its data laws?

The government says an overhaul will boost growth and increase trade – but it must be careful not to go too farThe government has announced plans to reshape the UK’s data laws such as GDPR requirements in an effort,...

UK to overhaul privacy rules in post-Brexit departure from GDPR

Culture secretary says move could lead to an end to irritating cookie popups and consent requests onlineBritain will attempt to move away from European data protection regulations as it overhauls its privacy rules after Brexit, the government has announced.The...

Australians hit by ‘Flubot’ malware that arrives by text message

New scam spreads to Australia from Europe, targeting thousands of Android usersThousands of Australians have been hit by a new scam text message known as Flubot, which aims to install malware on their phones.Flubot is a type of malware...

UK security chiefs issue guidance after hackers target ministers on WhatsApp

Exclusive: civil service chief points to work to improve cybersecurity in response to Labour concerns Ministers and civil servants conducting “government by WhatsApp” have been exposed to hackers, leading to new advice from security chiefs about how to improve...

Password of three random words better than complex variation, experts say

National Cyber Security Centre recommends approach for improved combination of usability and safetyIt is far better to concoct passwords made up of three random words than to use more complex variations involving streams of letters, numbers and symbols, government...

Officials who are US allies among targets of NSO malware, says WhatsApp chief

Will Cathcart claims government officials around the world among 1,400 WhatsApp users targeted in 2019Senior government officials around the world – including individuals in high national security positions who are “allies of the US” – were targeted by governments...

The Pegasus project: why investigations like this are at the heart of the Guardian’s mission

Guardian editor-in-chief Katharine Viner reflects on our recent investigation into NSO Group, which sells hacking spyware used by governments around the world, and explains why journalism like this is so vital When the Guardian’s head of investigations, Paul Lewis,...

How NSO became the company whose software can spy on the world

The Pegasus project has raised new concerns about the Israeli firm, which is a world leader in the niche surveillance marketIn 2019, when NSO Group was facing intense scrutiny, new investors in the Israeli surveillance company were on a...

Data officers raid two properties over Matt Hancock CCTV footage leak

Computer equipment and electronic devices seized in connection with images of minister kissing aideTwo residential properties in the south of England have been raided by data protection officers, as part of their investigation into who leaked CCTV footage of...
The Register

China Telecom booted out of USA as Feds worry it could disrupt or spy on local networks

FCC urges more action against Huawei and DJI, too The US Federal Communications Commission (FCC) has terminated China Telecom's authority to provide communications services in the USA.…
SecurityWeek

150 People Arrested in US-Europe Darknet Drug Probe

Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday. read more

Free Tool Helps Security Teams Measure Their API Attack Surface

Data Theorem's free API Attack Surface Calculator helps security teams understand potential API exposures.

SquirrelWaffle Loader Malspams, Packing Qakbot, Cobalt Strike

Say hello to what could be the next big spam player: SquirrelWaffle, which is spreading with increasing frequency via spam campaigns and infecting systems with a new malware loader.

North Korea's Lazarus Group Turns to Supply Chain Attacks

State-backed group is among a growing number of threat actors looking at supply chain companies as an entry point into enterprise networks.