TikTok Restores Service for US Users Based on Trump’s Promised Executive Order
TikTok restored service to users in the United States on Sunday just hours after the popular video-sharing platform went dark in response to a federal ban, which President-elect Donald Trump said he would try to pause by executive order on his first day in office. Trump said he planned to issue the order to give […]
Read More
Treasury Levels Sanctions Tied to a Massive Hack of Telecom Companies and Breach of Its Own Network
The Treasury Department announced sanctions Friday in connection with a massive Chinese hack of American telecommunications companies and a breach of its own computer network. The sanctions target a Chinese hacker who officials say is affiliated with Beijing’s Ministry of State Security and who was involved in a cyber-intrusion disclosed last month that gave hackers […]
Read More
TikTok Says It Will ‘Go Dark’ Unless It Gets Clarity From Biden Following Supreme Court Ruling
TikTok said it will have to “go dark” this weekend unless the outgoing Biden administration assures the company it won’t enforce a shutdown of the popular app after the Supreme Court on Friday unanimously upheld the federal law banning the app unless it’s sold by its China-based parent company. The Supreme Court in its ruling […]
Read More
US Government Agencies Call for Closing the Software Understanding Gap
The cybersecurity agency CISA and other government agencies are calling to action for the US to take the necessary steps to improve cybersecurity by closing the software understanding gap. This gap is the result of manufacturers building software that mission owners and operators lack the adequate capacity to verify, meaning that they cannot fully understand […]
Read More
In Other News: Lawsuits and Settlements, CrowdStrike Phish, MITRE’s D3FEND 1.0
SecurityWeek’s cybersecurity news roundup provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we curate and present a collection of noteworthy developments, […]
Read More
Wolf Haldenstein Data Breach Impacts 3.4 Million People
Law firm Wolf Haldenstein Adler Freeman & Herz LLP is notifying more than 3.4 million individuals that their personal information was compromised in a December 2023 data breach. According to the firm, it discovered the incident after detecting suspicious activity on its network. Its investigation revealed that a threat actor accessed certain files and data […]
Read More
Google Releases Open Source Library for Software Composition Analysis
Google on Thursday announced the release of OSV-SCALIBR (Software Composition Analysis LIBRary), an open source library for software composition analysis. Released as an open source Go library, the tool is an extensible file system scanner designed to extract information on software inventory and identify vulnerabilities. OSV-SCALIBR can either be used as a standalone binary (a […]
Read More
US Announces Sanctions Against North Korean Fake IT Worker Network
The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) on Thursday announced sanctions against two individuals and four entities involved in generating illicit funds for North Korea as part of the fake IT worker scheme. As part of the elaborate operation, North Korean operatives relied on stolen identities and AI to pose […]
Read More
Industry Reactions to Biden’s Cybersecurity Executive Order: Feedback Friday
President Joe Biden this week issued an executive order aimed at strengthening the United States’ cybersecurity and making it easier to go after hackers. The executive order covers areas such as security in third-party software supply chains, software development, identity, the security of internet protocols, encryption, quantum computing, artificial intelligence, infrastructure and network security, and […]
Read More
Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise
Vulnerabilities in the SimpleHelp remote access software are trivial to exploit and could allow attackers to compromise the server and client machines, cybersecurity firm Horizon3.ai reports. SimpleHelp provides remote support solutions that include file transfer, diagnostics, and task automation capabilities. It uses clients running on customers’ machines and a server that acts as a web […]
Read More