"Earlier this year, Russia’s foreign intelligence service stole internal emails and data on individuals from the UK government. The news was first reported by Recorded Future News, which obtained an official description of the incident report.

The description of the report was obtained under the Freedom of Information Act, it revealed that the incident follows an attack carried out by a nation-state actor on a supplier of the department’s corporate systems, and linked the security breach to Microsoft’s January announcement.

In January, Microsoft warned that some of its corporate email accounts were compromised by a Russia-linked cyberespionage group known as Midnight Blizzard. The company notified law enforcement and relevant regulatory authorities.

Microsoft also announced that the Russia-linked APT Midnight Blizzard that hit the company in late November 2023 has been targeting organizations worldwide as part of a large-scale cyberespionage campaign..."

"The UK's Information Commissioner's Office (ICO) has announced a provisional decision to impose a fine of £6.09M ($7.74 million) on Advanced Computer Software Group Ltd (Advanced) for its failure to protect the personal information of tens of thousands when it was hit by ransomware in 2022.

Advanced, an IT service and hosting provider contracted by the United Kingdom's National Health Service (NHS), was compromised by threat actors on August 4, 2022.

The incident impacted hundreds of public and private entities, including NHS 111, and various healthcare products such as Adastra, Caresys, Odyssey, Carenotes, Crosscare, Staffplan, and eFinancials.

As a result of the breach, the personal information of nearly 83,000 people was exposed, including instructions on how to access homes for 890 people receiving care at home..."

"The codes look like they are part of the council's payment system, but instead lead to a phony website.

Motorists who think they have paid for their parking via a fake QR code also risk parking fines, the council added..."

"Social media is now undeniably a significant part of many of our lives, in the UK and around the world. We use it to connect with others and share information in public and private ways. Governments and companies have, of course, taken note and built fortunes or extended their power by exploiting the digital information we generate. But should the power to use the information we share online be unlimited, especially for governments who increasingly use that information to make material decisions about our lives?

At Privacy International (PI), we think the answer to that question is a resounding no. That is why we have been examining the use of social media monitoring by governments and companies. The practice is an increasingly prevalent one, and as this article explores, largely unregulated. That needs to change..."

"Civil liberties campaigners have said that a proposal made by Keir Starmer on Thursday to expand the use of live facial recognition technology would amount to the effective introduction of a national ID card system based on people’s faces.

Silkie Carlo, the director of Big Brother Watch, said it was ironic the new prime minister was suggesting a greater use of facial matching on the same day that an EU-wide law largely banning real-time surveillance technology came into force..."

We're happy to announce that BusKill is presenting at DEF CON 32.

What: Open Hardware Design for BusKill Cord
When: 2024-08-10 12:00 - 13:45
Where: W303 – Third Floor – LVCC West Hall

BusKill is presenting at DEF CON 32

via @[email protected]

What is BusKill?

BusKill is a laptop kill-cord. It's a USB cable with a magnetic breakaway that you attach to your body and connect to your computer.

Watch the BusKill Explainer Video for more info youtube.com/v/qPwyoD_cQR4

If the connection between you to your computer is severed, then your device will lock, shutdown, or shred its encryption keys -- thus keeping your encrypted data safe from thieves that steal your device.

What is DEF CON?

DEF CON is a yearly hacker conference in Las Vegas, USA.

Watch the DEF CON Documentary for more info youtube.com/watch?v=3ctQOmjQyYg

What is BusKill presenting at DEF CON?

I (goldfishlaser) will be presenting Open Hardware Design for BusKill Cord in a Demo Lab at DEF CON 32.

What: Open Hardware Design for BusKill Cord
When: Sat Aug 10 12PM – 1:45PM
Where: W303 – Third Floor – LVCC West Hall

Who: Melanie Allen (goldfishlaser) More info

Talk Description

BusKill is a Dead Man Switch triggered when a magnetic breakaway is tripped, severing a USB connection. I’ve written OpenSCAD code that creates a 3D printable file for plastic parts needed to create the magnetic breakaway. Should anyone need to adjust this design for variations of components, the code is parameterized allowing for easy customization. To assemble a BusKill Dead Man Switch cord you will need:

1. a usb-a extension cord,
2. a usb hard drive capable of being attached to a carabiner,
3. a carabiner,
4. the plastic pieces in this file,
5. a usb female port,
6. a usb male,
7. 4 magnets,
8. 4 pogo pins,
9. 4 pogo receptors,
10. wire,
11. 8 screws,
12. and BusKill software.

Golden DIY BusKill Print

Full BOM, glossary, and assembly instructions are included in the github repository. The room holds approx. 70 attendees seated. I’ll be delivering 3 x 30 min presentations – with some tailoring to what sort of audience I get each time.

Meet Me @ DEF CON

If you'd like to find me and chat, I'm also planning to attend:

• ATL Meetup (DCG Atlanta Friday: 16:00 – 19:00 | 236),
• Hacker Kareoke (Friday and Sat 20:00-21:00 | 222),
• Goth Night (Friday: 21:00 – 02:00 | 322-324),
• QueerCon Mixer (Saturday: 16:00-18:00 | Chillout 2),
• EFF Trivia (Saturday: 17:30-21:30 | 307-308), and
• Jack Rysider’s Masquerade (Saturday: 21:00 – 01:00 | 325-327)

I hope to print many fun trinkets for my new friends, including some BusKill keychains.

Come to my presentation @ DEF CON for some free BusKill swag

By attending DEF CON, I hope to make connections and find collaborators. I hope during the demo labs to find people who will bring fresh ideas to the project to make it more effective.

Hi. Trying to avoid giving my number out especially after i found it got pwned.

Does anyone know of cheap ways to port over to VOIP in UK? Don't think Google voice is available here yet? Also anyone know how to get multiple Voip numbers for relatively cheap.

Thanks.

I have not always had an interest in data privacy. Actually, it took me moving in to being a data engineer in the marketing world to really realise the intense nature of data capture.

Like, I am sure, a large proprotion of the privacy aware population, it is not that there is anything to hide, just that privacy of data should be a right. It is one of the reasons I stepped away from most social networks, try to de-Google as much as I can and take care in my data landscape.

But, how does everyone else manage theirs? It would be good to share some useful tips, resources, tools, etc. that the wider community (as it grows) can use.

For me, I use:

• A VPN (Mullvad in this case)
• Firefox with 'some' hardening (don't want to totally cripple the online experience)
• Windows OS with telemtry disabled across the system (never perfect but I am happy)
• Simplewall (Windows App) to manage some outbound traffic
• Random password generators (exact logic is incredibly unique to me)
• Android (mobile) with as much telemetry disabled as possible
• Privacy Guides, a great website to keep atop of new updates
• Various threat landscape blogs and podcasts

Listing it out, it sounds like I do a lot but this is pretty tame. I accept that there is a balance between user experience and privacy. Yes, I could totally de-Google my phone but then a lot of useful functionality is lost. Same with Windows, I could move to Linux full-time (and would if I could) but I am a gamer and, while Linux is improving in that landscape, it ain't great just yet.