President Donald Trump says TikTok and Oracle are close to making a deal. Don't neglect to read the fine print. While the president has demanded TikTok divest its U.S. operations - preferably to Oracle - because of national security concerns, the Chinese firm is instead offering Oracle a minority stake.
What's one of the worst things that can happen during a pandemic? The answer is anything that gives people less reason to trust in their public health system to handle the crisis. Enter a data breach that has exposed personal information for everyone who's ever tested positive for the disease in Wales.
The U.S. Cybersecurity and Infrastructure Security Agency warns that hacking groups backed by the Chinese Ministry of State Security are exploiting several unpatched vulnerabilities to target federal agencies.
Potentially capping a fraught political showdown, China's TikTok, which is owned by Beijing-based ByteDance, has chosen Oracle to be its U.S. "technology partner," rejecting a bid by Microsoft. But Chinese state media suggests reports of a deal might be premature.
A leaked database compiled by a Chinese company has suddenly become the focus of news media reports warning that it could be used as an espionage instrument by Beijing. But on closer examination, the alleged "social media warfare database" looks like public information largely scraped from social media sites.
The number of individuals affected by the May ransomware attack on cloud-based software vendor Blackbaud continues to soar. And breach reports tied to the incident now total over 170, according to one estimate.
Independent bug hunters who find flaws in products and services often struggle to hand off their vulnerability report to someone in a position to get it fixed, says longtime security researcher Daniel Cuthbert. He describes steps organizations must take to be able to receive - and act on - bug reports.
Since March, the operators behind ProLocker ransomware have focused on targeting large enterprise networks with ransomware demands sometimes exceeding $1 million, the security firm Group-IB reports. The gang has recently started to use the Qbot banking Trojan.
A recently uncovered Linux malware variant dubbed "CDRThief" is targeting VoIP networks to steal phone metadata, such as caller IP addresses, ESET reports. The malware appears to be designed for cyberespionage or fraud.
After a six-month hiatus, the Zeppelin ransomware variant returned in late August, according to Juniper Threats Labs. The malware now uses an updated Trojan downloader to better hide its activities from security tools.
The latest edition of the ISMG Security Report analyzes how criminals keep finding new ways to make ransomware victims pay. Also featured: Preventing digital currency counterfeits; a proposed health data privacy framework.
The key components of an effective "zero trust" architecture include multifactor authentication, network segmentation and a defense-in-depth approach, says Dr. Erdal Ozkaya, regional CISO and managing director at Standard Chartered Bank in the United Arab Emirates.
Consumers hate passwords, criminals love them. And while the journey to passwordless authentication takes time, there are lessons to be learned from major global organizations who have started down the path. Dr. Rolf Lindemann of Nok Nok Labs shares insights.