Bleeping Computer
INC ransomware source code selling on hacking forums for $300,000
A cybercriminal using the name "salfetka" claims to be selling the source code of INC Ransom, a ransomware-as-a-service (RaaS) operation launched in August 2023.
The Record
Stolen children’s health records posted online in extortion bid
Cybercriminals have published another batch of data stolen from NHS Dumfries and Galloway in Scotland, this time including information about children.
The Cyber Express
UK Ministry of Defence Suffers Major Data Breach, China’s Involvement Suspected
The personal data of an unspecified number of active UK military personnel had been compromised in a significant Ministry of
Infosecurity News
YMCA Fined for Data Breach, ICO Raises Concerns About Privacy
Central YMCA was fined £7,500 for a data breach exposing HIV information of support program participants, prompting the ICO to call for stronger privacy protections for people with HIV
Infosecurity News
Leeds Talent Pool Attracts BlueVoyant’s First UK SOC
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its first UK SOC
Bleeping Computer
UK e-visa rollout begins today: no more immigration cards for millions
Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, "a key step in creating a modernised and digital border."
Bleeping Computer
UK e-visa rollout starts today for millions: no more physical immigration cards
Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, "a key step in creating a modernised and digital border."
Infosecurity News
Leicester Council Confirms Confidential Documents Leaked in Ransomware
Leicester City Council confirmed around 25 sensitive documents have been leaked online, including personal ID information, following claims by the Inc Ransom gang
The Record
Leicester City Council confirms ransomware attack after confidential documents leaked
A city official said Wednesday that "a small number of documents held on our servers have been published by a known ransomware group.”
CyberNews
Ransomware cartel claims Leicester City, shares data
INC Ransom claimed Leicester City Council, posting sensitive data.
Security Affairs
Security Affairs newsletter Round 465 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
The Record
Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid
A cybercrime group has published information stolen from NHS Dumfries and Galloway.
Infosecurity News
17 Billion Personal Records Exposed in Data Breaches in 2023
Flashpoint recorded a 34.5% rise in reported data breaches in 2023, with ransomware a major driver of this increase
Infosecurity News
Calls to Incident Response Helpline Double in a Year
A rising volume of calls to the Scottish Cyber and Fraud Centre highlights surging threat levels
CyberNews
NHS health board confirms ransomware attack
NHS board's head called the release of clinical data "deplorable."
Security Affairs
INC Ransom stole 3TB of data from National Health Service (NHS) of Scotland
INC Ransom extortion group hacked National Health Service (NHS) of Scotland and is threatening to leak three terabytes of alleged stolen data
Bleeping Computer
INC Ransom threatens to leak 3TB of NHS Scotland stolen data
The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.
Infosecurity News
NHS Trust Confirms Clinical Data Leaked by Recognized Ransomware Group
NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024
HACKRead
INC Ransomware Hits NHS Scotland, Threatens Leak of 3TB Patient Data
The INC ransomware gang has targeted the National Health Service in Scotland, commonly known as NHS Scotland, Hackread.com reports.
The Cyber Express
NHS Scotland Faces Data Breach in Alleged Cyberattack
The National Health System (NHS) of Scotland allegedly fell victim to a cyberattack, purportedly orchestrated by INC Ransom. The message
CyberNews
NHS Scotland allegedly had 3TB of data stolen
NHS Scotland was posted on INC Ransom's dark web blog.
SecurityWeek
UK Firm Think Cyber Raises $3.8 Million for Staff Security Nudging
Think Cyber focuses on reducing "bad" staff behavior with a solution designed to increase secure behavior through the concept of ‘nudging’.
Infosecurity News
ICO Probes Kate Middleton Medical Record Breach
The ICO said it is assessing the reported breach of Kate Middleton’s medical records at The London Clinic
HACKRead
NHS Dumfries and Galloway Faces Cyberattack, Patient Data at Risk
NHS Dumfries and Galloway, a health board serving the southwestern region of Scotland, announced on Friday, March 15, 2024.
Infosecurity News
NHS Dumfries and Galloway Warns of “Significant” Data Theft
Scottish NHS trust reveals patient and staff data may have been taken in security breach
DarkReading
NHS Breach, HSE Bug Expose Healthcare Data in the British Isles
Whoopsies in Ireland and Scotland speak to a tenuousness of cyber protections for sensitive private healthcare data.
CyberNews
NHS health board breach may include patient data
NHS Dumfries and Galloway breach may have exposed sensitive user details.
The Record
Scottish health service says ‘focused and ongoing cyber attack’ may disrupt services
NHS Dumfries and Galloway said there were “incursions into our systems” and warned “there is a risk that hackers have been able to acquire a significant quantity of data.”
The Record
Cybercriminal groups actively exploiting ‘catastrophic’ ScreenConnect bug
Researchers said that “attacks against both servers and client machines are currently underway” as attackers attempt to exploit the critical vulnerability.
Bleeping Computer
UK to replace physical biometric immigration cards with e-visas
By 2025, Britain is set to ditch physical immigration documents like Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid to make its borders digital, in-line with developed countries like Australia. Understand what these Home Office changes mean for existing BRP and BRC holders, and what you need to do.
Bleeping Computer
UK to ditch plastic immigration biometric cards, goes digital
By 2025, Britain is set to ditch physical immigration documents like Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid to make its borders digital, in-line with developed countries like Australia. Understand what these Home Office changes mean for existing BRP and BRC holders, and what you need to do.
SecurityWeek
Hacker Conversations: Rob Dyke on Legal Bullying of Good Faith Researchers
Hacker Conversations Interview: SecurityWeek talks to hacker Rob Dyke to discuss corporate legal bullying of good faith researchers
DataBreaches
UK: South Tees Hospitals NHS Foundation Trust reprimanded for “serious, harmful” data breach
The Information Commissioner’s Office (ICO) has today announced it has reprimanded South Tees Hospitals NHS Foundation Trust for a data breach which resulted...
CyberNews
Ransomware landscape overview 2023
This research article aims to provide a comprehensive overview of ransomware group activity throughout the year 2023.
CyberNews
The latest malicious activity and how to deal with it
Explaining recent malicious activity and analyzing its examples.
Infosecurity News
UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prep
A UK parliament report found that large swathes of critical national infrastructure are vulnerable to ransomware
CSO
UK government vulnerable to ‘catastrophic ransomware’ attack: Report
Outdated infrastructure coupled with poor planning is making the UK government vulnerable to a major cyberattack, according to a parliamentary committee report.
Infosecurity News
Cambridge Hospitals Admit Two Excel-Based Data Breaches
Information on cancer and maternity patients was accidentally disclosed by Cambridge University Hospitals NHS Foundation Trust
DataBreaches
Data breach by Addenbrooke’s Hospital reveals patient information
Mariam Issimdar and Nikki Fox report: A hospital trust has apologized after private information on more than 22,000 patients was released in two breaches. The...
DataBreaches
U.K.: Hospitals urged to improve data protection standards following incident at NHS Fife
From the Information Commissioner’s Office: The Information Commissioner’s Office (ICO) has issued a reprimand to NHS Fife, after an unauthorised...
The Record
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS
The managed service provider CTS confirmed it had experienced a "cyber-incident." At least one report said the CitrixBleed bug was involved.
Infosecurity News
Secretary Fined For Accessing Scores of Patient Records
NHS worker broke strict rules governing the special category data
DataBreaches
UK: Former NHS secretary found guilty of illegally accessing medical records
A reminder of the insider threat: A former NHS employee has been found guilty and fined for illegally accessing the medical records of over 150 people. Loretta...
Infosecurity News
British Library: Ransomware Recovery Could Take Months
Famed institution warns of ongoing disruption
The Record
UK government fails to bring forward promised cyber laws in King’s Speech
Legislation that would have, in the government’s own words, “better protected” essential services in the country — including in the water, energy and transport sectors — is now unlikely to be introduced to Parliament until 2025, and probably won’t take effect until 2026 at the earliest.
Infosecurity News
NHS Trust Slammed After IT Snafu Delays Thousands of Referrals
Regulator highlights major data handling errors
CSO
UK Prime Minister announces world’s first AI Safety Institute
AI Safety Institute will examine, evaluate, and test new types of artificial intelligence
CSO
UK data regulator warns that data breaches put abuse victims’ lives at risk
The UK Information Commissioner’s Office has reprimanded seven organizations in the past 14 months for data breaches affecting victims of domestic abuse.
Infosecurity News
Regulator Warns Breaches Can Cost Lives
ICO says handling of domestic abuse victims’ data must improve
DataBreaches
Data breaches put domestic abuse victims’ lives at risk, UK Information Commissioner warns
From the U.K. Information Commissioner’s Office: Warning comes after the ICO reprimands seven organisations in the past 14 months for data breaches...
Ars Technica
Chinese hackers have unleashed a never-before-seen Linux backdoor
SprySOCKS borrows from open source Windows malware and adds new tricks.
CSO
New research reveals most-attacked, most-vulnerable assets
While medical devices are the most susceptible to unpatched CVEs, operational technology assets are the most attacked.
Infosecurity News
Sydney University Suffers Supply Chain Breach
Blast radius appears limited to international students
Security Affairs
UK govt contractor MPD FM leaks employee passport data
UK govt contractor MPD FM left an open instance that exposed employee passports, visas, and other sensitive data MPD FM, a facility management and security company providing services to various UK government departments, left an open instance that exposed employee passports, visas, and other sensitive data. MPD FM boasts of being the UK’s leading “facility […]
DataBreaches
NHS Staff Reprimanded For WhatsApp Data Sharing
Phil Muncaster reports: An NHS trust has been reprimanded by the UK’s data protection regulator after it was discovered that staff had been sharing patient...
Infosecurity News
NHS Staff Reprimanded For WhatsApp Data Sharing
Patients’ personal data was shared on the app for years
Infosecurity News
Supply Chain Attack Hits NHS Ambulance Trusts
Electronic patient records unavailable for over a week
Security Affairs
Two ambulance services in UK lost access to patient records after a cyber attack on software provider
Swedish software firm Ortivus suffered a cyberattack that has resulted in at least two British ambulance services losing access to electronic patient records. Two British ambulance services were not able to access electronic patient records after a cyber attack that hit their software provider Ortivus. Ortivus was a Swedish software company specializing in providing solutions […]
DataBreaches
UK: Ambulance patient records system hauled offline for cyber-attack probe
Lindsay Clark reports: Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a...
The Record
British ambulances unable to access patient records system following cyberattack
A cyberattack impacting Swedish software company Ortivus has left at least two British ambulance services without access to electronic patient records.
Security Affairs
Security Affairs newsletter Round 428 by Pierluigi Paganini – International edition
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Russia-linked APT Gamaredon starts stealing data from victims between 30 and 50 minutes after the initial […]
Infosecurity News
11 Million Patients Impacted in Healthcare Data Breach
HCA Healthcare said personal data of approximately 11 million patients was published on an online forum
The Hacker News
Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks
New variants of TrueBot malware targeting U.S. and Canadian organizations, exploiting a critical vulnerability in Netwrix Auditor.
Bleeping Computer
CISA: Netwrix Auditor RCE bug exploited in Truebot malware attacks
CISA and the FBI warned today of new Truebot malware variants deployed on networks compromised using a critical remote code execution (RCE) vulnerability in the Netwrix Auditor software in attacks targeting organizations across the United States and Canada.
Infosecurity News
UK Citizens Wary of NHS AI Use, Citing Privacy Concerns
In a survey, over half of UK citizens expressed privacy and security concerns over AI being used to analyze patient data
Infosecurity News
Thirty-three US Hospitals Hit By Ransomware This Year
Most had data stolen, according to Emsisoft
DataBreaches
BlackCat continues attempting to extort healthcare entities
BlackCat has been busy and continues to attack the healthcare sector here and abroad. Visitors to their leak site this week saw listings for: Coachella Valley...
DataBreaches
More than a million NHS patients’ details compromised after cyber attack
Rebecca Thomas reports: NHS details of more than a million patients have been compromised in a cyber attack, senior health chiefs have been warned. A recent...
Cyber Security News
University of Manchester Hack - Over One Million NHS patient data Exposed
The University of Manchester has recently been affected by a Ransomware Hack that impact creates to stolen 1.1 Million NHS patients’ information across 200 hospitals.
Infosecurity News
#InfosecurityEurope: What TechUK's New Plan Means for Cybersecurity
The British tech trade association called for more collaboration between government and industry actors to improve the security of critical sectors
Infosecurity News
HMRC in New Tax Credits Scam Warning
Claimants bombarded by phishing emails, phone calls and texts
DataBreaches
NHS data breach: trusts shared patient details with Facebook without consent
It seems that the Meta pixel issue that made headlines in the U.S. last June may first be hitting the NHS in the UK. Shanti Das reports: NHS trusts are sharing...
DataBreaches
Warnings over NHS data privacy after ‘stalker’ doctor shares woman’s records
Today’s reminder that insider snooping can leave patients anxious, angry, and distrustful of ever sharing their protected health information again...
Bleeping Computer
Capita warns customers they should assume data was stolen
Business process outsourcing firm Capita is warning customers to assume that their data was stolen in a cyberattack that affected its systems in early April.
DataBreaches
NHS launches probe after five-year-old takes records of 150 patients to school to use as ‘drawing paper’
Shaun Wooller reports: The NHS has launched a probe after a pupil took printed records containing details of 150 patients to school to use as drawing paper...
Infosecurity News
Capita: Data Was Taken in March Cyber Incident
IT outsourcer claims customer, employee and supplier info may be at risk
Infosecurity News
Securing Medical Devices is a Matter of Life and Death
The cybersecurity challenges of the Internet of Medical Things (IoMT) are still largely unanswered
Bleeping Computer
Capita cyberattack disrupted access to its Microsoft Office 365 apps
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications.
Infosecurity News
Outsourcer Capita Claims to Have Contained
Firm has billions of pounds worth of government contracts
DataBreaches
“A crucial learning experience.” – ICO calls for highest standards in HIV services after NHS Highland reprimand
From the U.K.’s Information Commissioner’s Office (ICO): NHS Highland reprimanded for a “serious” data breach amongst those accessing HIV...
Infosecurity News
UK Regulator: HIV Data Protection Must Improve
ICO issues call after reprimanding NHS Highland
Bleeping Computer
Cybersecurity firms warn of 3CX desktop app supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
Bleeping Computer
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used to target the company's customers in an ongoing supply chain attack.
DataBreaches
UK: Braintree GP surgery warns of data breach after ‘confidential’ information blows across roads
Matt Lee reports: A GP surgery has admitted to a data breach after “confidential” information was blown into the local area whilst being obtained...
DataBreaches
Medical technology regulations and the NHS
From Parliament: A debate has been scheduled for 4.30pm on Tuesday 28 March on medical technology regulations and the NHS. The debate will be opened by Dame...
Infosecurity News
Understanding the Shared Responsibility Model, Critical Step to Ensure Cloud Security
During the Cloud & Cyber Security Expo, cloud security experts attributed the security shortcomings of cloud users to misconceptions over their responsibility
DataBreaches
UK: Data Leak Hits Thousands of NHS Workers
Phil Muncaster reports: An estimated 14,000 employees at a Liverpool NHS hospital trust have been informed that their data was leaked via email due to human...
DataBreaches
U.K.: NHS call center advisor found guilty of accessing medical records illegally
From the ICO, this press release: A former 111 call centre advisor has been found guilty and fined for illegally accessing the medical records of a child and...
DataBreaches
Scots cancer patient hits out after major data breach of medical records at NHS Lothian by staff member
Sarah Vesty reports: A Scots cancer patient had hit out after discovering his confidential medical records were ‘inappropriately’ accessed by a...
Infosecurity News
Data Leak Hits Thousands of NHS Workers
Email snafu at Liverpool University Hospital Foundation Trust
DataBreaches
Derriford Hospital admits data breach as patient sent list of complaints against hospital
William Telford reports: Health chiefs have admitted a data breach after a patient received a list of people who had made complaints against Plymouth’s...
The Record
Here's who intelligence insiders tip for the next GCHQ director
The search is on for one of the British intelligence community's most important roles — the director of GCHQ.
DataBreaches
NHS Is The Most Phished UK Government Organization
Cyber Security Intelligence reports: Cyber security experts have recently revealed the top six government impersonation scams they have removed from the...
ZDNet
The ransomware problem isn't going away, and these grim figures prove it
There's still huge disruption from ransomware attacks - and there's no sign that criminals intend to give up.
Infosecurity News
Rail Tech Giant Wabtec Discloses Global Data Breach
Incident thought to stem from 2022 ransomware attack
Security Affairs
US. rail and locomotive company Wabtec hit with Lockbit ransomware
US. rail and locomotive company Wabtec Corporation disclosed a data breach after it was hit with Lockbit ransomware attack. Wabtec Corporation is an American company formed by the merger of the Westinghouse Air Brake Company (WABCO) and MotivePower Industries Corporation in 1999. It manufactures products for locomotives, freight cars and passenger transit vehicles, and builds new locomotives up to 6,000 horsepower. The company employs […]
Infosecurity News
NHS is Most Scammed UK Government
Millions of suspicious emails were reported in 2022
Bleeping Computer
Rail giant Wabtec discloses data breach after Lockbit ransomware attack
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information.
DarkReading
Chinese 'RedZei' Group Batters Victims With Incessant Vishing Effort
The cybercriminals switch up carriers and SIM cards regularly, making it difficult for either mobile users or telecom companies to block the barrage of malicious calls and voicemails.
The Hacker News
RedZei Chinese Scammers Targeting Chinese Students in the U.K.
Chinese international students in the U.K. have been facing persistent scams for over a year by Chinese-speaking fraudsters.
Loading more articles....