United Kingdom Cybersecurity Weekly Updates – March 23, 2025

AndyC 24 April 2025

Greetings for this week’s compilation of cybersecurity happenings, presenting the freshest occurrences and perspectives from the UK and beyond.

Greetings for this week’s compilation of cybersecurity happenings, presenting the freshest occurrences and perspectives from the UK and beyond.

Security Breach Confirmation by NHS Scotland

A significant cyber breach was acknowledged by NHS Scotland on March 20, 2025. This breach resulted in network disruptions across several health authorities. The cyber incident led to disturbances in clinical platforms, resulting in delays in patient care as staff resorted to manual processes. Although a suspected ransomware gang is linked to the event, official attribution is pending. The investigation is in progress with assistance from the National Cyber Security Centre (NCSC).

Further information from The Register verified that certain systems were brought offline to prevent further dissemination, while emergency services continued functioning. The influenced regions involved NHS Dumfries and Galloway, which advised patients to visit only if absolutely necessary. (Explore more on The Register)

NCSC Report on Weekly Threats – March 22, 2025

The recent threat report by NCSC raises concerns about the persistent exploitation of identified vulnerabilities in Progress Telerik UI by state-backed threat actors. Immediate patching of susceptible systems is advised by the report, noting continued targeting of unpatched web servers by attackers.

Besides, an escalation in malicious QR code schemes, known as “quishing,” is highlighted by NCSC. In this scheme, malevolent entities embed phishing links into QR codes, employed in emails, posters, or receipts. It is recommended for organizations to educate employees and establish QR code scanning protocols.

Increasing Cyber Perils Ahead of UK General Election

With the forthcoming UK general election later this year, the NCSC has voiced concerns regarding potential interference operations and spread of disinformation by adversarial nations. Security agencies are on heightened alert, collaborating closely with political factions to fortify cyber defenses. Despite no major incidents occurring thus far, the threat landscape is being vigilantly observed.

Key Highlights

  • A novel phishing initiative mirrors HMRC emails, demanding immediate tax reimbursements. Exercise caution and verify all formal correspondences.
  • UK educational institutions alerted about heightened focus from espionage-driven entities, especially in domains like AI and quantum computing.
  • ICO penalizes a telemarketing enterprise in London with a £130,000 fine for unauthorized data handling and non-adherence to GDPR regulations.

This concludes our weekly digest! Keep an eye out for more updates and adhere to recommended security protocols to safeguard your systems.

➡️ Revisit the Last Post: United Kingdom Cybersecurity Weekly Updates – March 17, 2025

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , ,

More Stories

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

CLOP targets Gladinet CentreStack servers in large-scale extortion campaign

AndyC 20 December 2025
ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

ASRock, ASUS, GIGABYTE, MSI Boards vulnerable to pre-boot memory attacks

AndyC 20 December 2025
China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

China-linked APT UAT-9686 is targeting Cisco Secure Email Gateway and Secure Email and Web Manager

AndyC 20 December 2025
Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

Hewlett Packard Enterprise (HPE) fixed maximum severity OneView flaw

AndyC 19 December 2025
DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

DIG AI: Uncensored Darknet AI Assistant at the Service of Criminals and Terrorists

AndyC 19 December 2025
U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Cisco, SonicWall, and ASUS flaws to its Known Exploited Vulnerabilities catalog

AndyC 19 December 2025

You may have missed

4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025
4 Pillars of Network Risk Reduction: A Guide to Network Security Risk Management

NCC Group Taps Qualys to Extend Managed Security Service into Shadow IT Realm

AndyC 20 December 2025

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.