Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 1 / 4
72 résultats taggé UK  ✕
UK pioneering global move away from passwords https://www.ncsc.gov.uk/news/government-adopt-passkey-technology-digital-services
10/05/2025 22:47:01
QRCode
archive.org
thumbnail

Government to roll out passkey technology across digital services as an alternative to SMS-based verification.

Government to roll out passkey technology across digital services as an alternative to SMS-based verification.
Arkadiusz Wargula via Getty Images
Government set to roll out passkey technology across digital services later this year.
SMS-based verification to be replaced by more secure, cost-effective solution.
NCSC joins FIDO Alliance to shape international passkey standards.
The UK government is set to roll out passkey technology for its digital services later this year as an alternative to the current SMS-based verification system, offering a more secure and cost-effective solution that could save several million pounds annually.

Announced on the first day of the government’s flagship cyber security event, CYBERUK, the move to implement passkey technology for the government’s GOV.UK services marks a major step forward in strengthening the nation’s digital security.

Passkeys are unique digital keys that are today tied to specific devices, such as a phone or a laptop, that help users log in safely without needing an additional text message or other code. When a user logs in to a website or app, their device uses this digital key to prove the user’s identity without needing to send a code to a secondary device or to receive user input.

This method is more secure because the key remains stored on the device and cannot be easily intercepted or stolen, making them phishing-resistant by design. As a result, even if someone attempts to steal a password or intercept a code, they would be unable to gain access without the physical device that contains the passkey.

The NCSC considers passkey adoption as vital for transforming cyber resilience at a national scale, and the UK is already leading internationally with the NHS becoming one of the first government organisations in the world to offer passkeys to users.

In addition to enhanced security and cost savings, passkeys offer users a faster login experience, saving approximately one minute per login when compared to entering a username, password, and SMS code.

ncsc.gov.uk EN 2025 CYBERUK passwords passkey NCSC UK digital-keys
NCSC statement: Incident impacting retailers https://www.ncsc.gov.uk/news/retailers-incident
04/05/2025 13:06:21
QRCode
archive.org
thumbnail

Following news of cyber incidents impacting UK retailers, the NCSC can confirm it is working with organisations affected.

NCSC CEO Dr Richard Horne said:

“The disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers and the public.

“The NCSC continues to work closely with organisations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture.

“These incidents should act as a wake-up call to all organisations. I urge leaders to follow the advice on the NCSC website to ensure they have appropriate measures in place to help prevent attacks and respond and recover effectively.”

ncsc.gov.uk EN 2025 UK cyberattacks NCSC incidents retailers wake-up call
DragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front door https://doublepulsar.com/dragonforce-ransomware-cartel-attacks-on-uk-high-street-retailers-walking-in-the-front-door-52ed8ba68534
04/05/2025 00:44:20
QRCode
archive.org

The individuals operating under the DragonForce banner and attacking UK high street retailers are using social engineering for entry. I think it’s in the public interest to break down what is happening.

The attacks on Marks and Spencer, Co-op and Harrods are linked. DragonForce’s lovely PR team claim more are to come.

Defenders should urgently make sure they have read the CISA briefs on Scattered Spider and LAPSUS$ as it’s a repeat of the 2022–2023 activity which saw breaches at Nvidia, Samsung, Rockstar and Microsoft amongst many others. More info below.

I am not saying it is Scatter Spider; Scattered Spider has become a dumping ground for e-crime groups anyway. The point is they — the threat actor — are entering using the front door, via the helpdesk to get MFA access — those are very good guides from defenders about what to do, links below.

Source: Cybersecurity and Infrastructure Security Agency
DragonForce is a white label cartel operation housing anybody who wants to do e-crime. Some of them are pretty good at e-crime.

While organisations are away at RSA thinking about quantum AI cyber mega threats — the harsh reality is most organisations do not have the foundations in place to do be worrying about those kind of things. Generative AI is porn for execs and growth investment — threat actors are very aware that now is the time to launch attacks, not with GenAI, but foundational issues. Because nobody is paying attention.

Once they get access, they are living off the land — using Teams, Office search to find documentation, the works. Forget APTs, now you have the real threat: Advanced Persistent Teenagers, who have realised the way to evade most large cyber programmes is to cosplay as employees. Last time this happened, the MET Police ended up arresting a few under-18 UK nationals causing incidents to largely drop off.

doublepulsar EN 2025 UK DragonForce Ransomware Cartel attacks
Some M&S stores left with empty shelves after cyber attack https://www.bbc.co.uk/news/articles/cy489zelvx2o
29/04/2025 14:05:28
QRCode
archive.org
thumbnail

Some Marks & Spencer (M&S) stores have been left with empty food shelves as the retailer continues to struggle with a cyber attack affecting its operations.

Online orders have been paused on the company's website and app since Friday, following problems with contactless pay and Click & collect over the Easter weekend.

The BBC understands food availability should be back to normal by the end of the week.

Meanwhile, security experts say a cyber crime group calling itself DragonForce is behind the mayhem.

bbc EN UK 2025 Marks&Spencer M&S Cyberattack food availability DragonForce
British firms urged to hold video or in-person interviews amid North Korea job scam | Technology | The Guardian https://www.theguardian.com/technology/2025/apr/20/british-firms-urged-to-hold-video-or-in-person-interviews-amid-north-korea-job-scam
27/04/2025 11:58:46
QRCode
archive.org
thumbnail

Google intelligence report finds UK is a particular target of IT worker ploy that sends wages to Kim Jong Un’s state

British companies are being urged to carry out job interviews for IT workers on video or in person to head off the threat of giving jobs to fake North Korean employees.

The warning was made after analysts said that the UK had become a prime target for hoax IT workers deployed by the Democratic People’s Republic of Korea. They are typically hired to work remotely, enabling them to escape detection and send their wages to Kim Jong-un’s state.

Google said in a report this month that a case uncovered last year involved a single North Korean worker deploying at least 12 personae across Europe and the US. The IT worker was seeking jobs within the defence industry and government sectors. Under a new tactic, the bogus IT professionals have been threatening to release sensitive company data after being fired.

theguardian EN 2025 scam North-Korea jobs warning UK Google in-person interviews
M&S stops online orders and issues refunds after cyber attack https://www.bbc.com/news/articles/cdxnkg7rln2o
27/04/2025 11:46:43
QRCode
archive.org
thumbnail

The firm has stopped taking orders on its website and apps, including for food and clothes.
Marks & Spencer (M&S) says it has stopped taking online orders as the company struggles to recover from a cyber attack.

Customers began reporting problems last weekend, and on Tuesday the retailer confirmed it was facing a "cyber incident".

Now, M&S has entirely paused orders on its website and apps - including for food deliveries and clothes - and says it will refund orders placed by customers on Friday.

The firm's shares fell by 5% following the announcement, before recovering.

Online orders remained paused on Saturday morning.

"We are truly sorry for this inconvenience," the retailer wrote in a post on X.

"Our experienced team - supported by leading cyber experts - is working extremely hard to restart online and app shopping.

"We are incredibly grateful to our customers, colleagues and partners for their understanding and support."

bbc EN 2025 Marks&Spencer M&S orders cyberincident disruptions stores UK
UK bans export of video game controllers to Russia to hinder attack drone pilots https://therecord.media/uk-bans-video-game-controllers
25/04/2025 09:35:39
QRCode
archive.org
thumbnail

In a sanctions package including more than 150 new measures, the British government said it was closing loopholes being exploited by the Kremlin.

therecord.media EN 2025 Russia-Ukraine-war UK ban game controllers drones legal sanctions pilots
NCSC issues warning over Chinese Moonshine and BadBazaar spyware https://www.computerweekly.com/news/366622023/NCSC-issues-warning-over-Chinese-Moonshine-and-BadBazaar-spyware?ref=metacurity.com
09/04/2025 20:17:27
QRCode
archive.org
thumbnail

Two spyware variants – Moonshine and BadBazaar – are being used to target the mobile devices of persons of interest to Chinese intelligence, including individuals in the Taiwanese, Tibetan and Uyghur communities.

computerweekly EN UK 2025 NCSC spyware warning Moonshine BadBazaar Skype WhatsApp
Royal Mail Group Loses 144GB to Infostealers: Same Samsung Hacker, Same 2021 Infostealer Log | InfoStealers https://www.infostealers.com/article/royal-mail-group-loses-144gb-to-infostealers-same-samsung-hacker-same-2021-infostealer-log/
06/04/2025 11:17:46
QRCode
archive.org
thumbnail

Just days after reporting on the Samsung Tickets data breach, another massive leak has surfaced, this time targeting Royal Mail Group, a British institution with over 500 years of history.

On April 2, 2025, a threat actor known as “GHNA” posted on BreachForums, announcing the release of 144GB of data stolen from Royal Mail Group. The breach, once again facilitated through Spectos, a third-party service provider, exposes personally identifiable information (PII) of customers, confidential documents, internal Zoom meeting video recordings, delivery location datasets, a WordPress SQL database for mailagents.uk, Mailchimp mailing lists, and more.

infostealers EN025 UK GHNA BreachForums Data-Leak Royal-Mail
UK healthcare giant HCRG confirms hack after ransomware gang claims theft of sensitive data https://techcrunch.com/2025/02/20/uk-healthcare-giant-hcrg-confirms-hack-after-ransomware-gang-claims-theft-of-sensitive-data/
20/02/2025 15:07:38
QRCode
archive.org
thumbnail

The prolific Medusa ransomware group claims to have stolen troves of data from HCRG, including patients’ sensitive health data

techcrunch EN 2025 ransomware Medusa HCRG health UK
Casio Website Infected With Skimmer https://www.securityweek.com/casio-website-infected-with-skimmer/
10/02/2025 12:06:58
QRCode
archive.org

A threat actor has infected the website of Casio UK and 16 other victims with a web skimmer that altered the payment flow to harvest and exfiltrate visitors’ information, web security provider Jscrambler reports.

securityweek EN 2025 Casio UK Skimmer website
Passkeys: they're not perfect but they're getting better https://www.ncsc.gov.uk/blog-post/passkeys-not-perfect-getting-better
19/01/2025 10:31:08
QRCode
archive.org
thumbnail

Now we’re in 2025, a lot more services are offering passkeys as a replacement for passwords and the NCSC believes they are the future of modern authentication. However, there are still some significant bumps in the road ahead. Here we set out the case for mass adoption of passkeys and outline the remaining issues which are hindering their widespread implementation. The NCSC will work alongside industry to help resolve these problems and help to get passkeys over the line.

ncsc.gov.uk EN 2025 UK Passkeys betterpasswords
Ministers consider ban on all UK public bodies making ransomware payments | Cybercrime | The Guardian https://www.theguardian.com/technology/2025/jan/14/ministers-consider-ban-on-all-uk-public-bodies-making-ransomware-payments
15/01/2025 09:11:56
QRCode
archive.org
thumbnail

Prohibition would bring the NHS, schools and local councils into line with government departments

theguardian EN 2024 UK ransomware payment banned government
UK domain giant Nominet confirms cybersecurity incident linked to Ivanti VPN hacks | TechCrunch https://techcrunch.com/2025/01/13/uk-domain-giant-nominet-confirms-cybersecurity-incident-linked-to-ivanti-vpn-hacks/
13/01/2025 13:25:29
QRCode
archive.org
thumbnail

Nominet, the U.K. domain registry that maintains .co.uk domains, has experienced a cybersecurity incident that it confirmed is linked to the recent

techcrunch EN 2025 UK incident Ivanti Nominet
Inside Operation Destabilise: How a ransomware investigation linked Russian money laundering and street-level drug dealing https://therecord.media/operation-destabilise-money-laundering-investigation-uk-nca
23/12/2024 13:44:58
QRCode
archive.org
thumbnail

U.K. investigators tell the story of how examining a cybercrime group's extortion funds helped to unravel a money-laundering network reaching from the illegal drug trade to Moscow's elite.

therecord.media EN 2024 Operation-Destabilise ransomware Russia UK cybercrime money-laundering
Ransomware hackers target NHS hospitals with new cyberattacks https://techcrunch.com/2024/12/04/ransomware-hackers-target-nhs-hospitals-with-new-cyberattacks/
09/12/2024 11:03:43
QRCode
archive.org
thumbnail

Two NHS trusts in England have been hacked in recent weeks, the latest attacks to hit the national health service.

techcrunch EN 2024 INCRansomware NHS UK health ransomware
UK hospital network postpones procedures after cyberattack https://www.bleepingcomputer.com/news/security/uk-hospital-network-postpones-procedures-after-cyberattack/
28/11/2024 15:54:50
QRCode
archive.org
thumbnail

Major UK healthcare provider Wirral University Teaching Hospital (WUTH), part of the NHS Foundation Trust, has suffered a cyberattack that caused a systems outage leading to postponing appointments and scheduled procedures.

bleepingcomputer EN 2024 Cyberattack Healthcare NHS Outage UK
UK drinking water supplies disrupted by record number of undisclosed cyber incidents https://therecord.media/uk-drinking-water-infrastructure-cyber-incident-reports?is=e4f6b16c6de31130985364bb824bcb39ef6b2c4e902e4e553f0ec11bdbefc118
27/11/2024 09:11:25
QRCode
archive.org

A record number of cyber incidents impacted Britain’s critical drinking water supplies this year without being publicly disclosed, according to information obtained by Recorded Future News.

The exact nature of these incidents is unclear, and they may include operational failures as well as attacks. Under British cybersecurity laws — known as the NIS Regulations — critical infrastructure companies are required to report “significant incidents” to the government within three days or face a fine of up to £17 million ($21 million).

therecord.media EN 2024 record number cyber-incidents UK critical-infrastructure drinking water supplies
Cyberattack disables tracking systems and panic alarms on British prison vans https://therecord.media/british-prison-vans-cyberattack
07/11/2024 08:30:49
QRCode
archive.org
thumbnail

Microlise, a telematics company, said a network intrusion affected services that it provides to British prisoner escort vans.

therecord.media EN 2024 Microlise UK telematics company prisoner escort vans
Lynx Ransomware: A Rebranding of INC Ransomware https://unit42.paloaltonetworks.com/inc-ransomware-rebrand-to-lynx/
21/10/2024 21:24:56
QRCode
archive.org
thumbnail

Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics. Discover recent attacks using Lynx ransomware, a rebrand of INC, targeting multiple crucial sectors in the U.S. and UK with prevalent double-extortion tactics.

paloaltonetworks EN 2024 Lynx Ransomware INC US UK analysis
page 1 / 4
4258 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio