Privacy & Compliance news & analysis | SC Media

Privacy & Compliance News and Analysis

Oracle will inherit TikTok security, privacy headaches

By partnering with the popular Chinese videosharing platform TikTok, Oracle will inherit a laundry list of security and privacy issues once the deal is approved, as soon as Sept. 20, by TikTok parent company ByteDance. TikTok boasts 100 million users in the U.S. and 689 million globally. Earlier this year President Trump threatened to ban…

Slack users unwittingly phished with malicious payloads

Since late June, the platform’s file storage domain – slack-files.com – appeared to pop up with far more regularity on the Phish Alert Button, leading KnowBe4 researchers to surmise that Slack users using the referral URL domain, slack-redir.net, are being duped with malicious payloads, raising concerns. And if an attacker can penetrate an organization and take…

1,200 iOS apps unknowingly handing over dollars to Chinese ad platform

Malicious code embedded in the Chinese mobile ad platform Mintegral SDK, used by 1,200-plus iOS apps downloaded more than 300 million times monthly, is siphoning off advertising dollars. The Mintegral SDK platform is intended to give app developers and advertisers an opportunity to monetize their ad-based marketing. But researchers from Snyk found evidence that other…

Corporate VPNs in danger as vishing attacks target home workers

Multiple hacking gangs are preying on remote workforces and corporate VPNs through vishing attacks that are more efficient, dangerous and ubiquitous than ever, prompting the U.S. government to issue both a warning and advice on how to thwart them. “The news has spread throughout the hacker community and multiple groups are now doing this,” said…

IBM pays up in tech, settles Weather Channel privacy lawsuit by LA

IBM will pony up $1 million worth of technology to the city of Los Angeles for COVID-19 contact tracing, and The Weather Channel app will change its privacy practices regarding use of user location data. The changes come with the settlement of a lawsuit that accused the app of misleading users as to how their…

Exposed social media profiles give security teams 235 million reasons to worry about ransomware attacks

Security teams should brace for a potential onslaught of ransomware attacks – more troubling as workforces operate remotely during the pandemic – after the public-facing profiles of 235 million TikTok, Instagram and YouTube users were exposed through a misconfigured database. “Since everybody is working remotely, those phishing attacks can compromise a personal device, which then…

SMBs imperiled as low-end RaaS grows more powerful

As Ransomware-as-a-Service (RaaS) has simultaneously grown more powerful and easier to use, just about anyone can launch successful, damaging ransomware attacks on organizations. Small and medium businesses are particularly vulnerable to the widening variety of tactics –from the “spray and pray” favored by Avaddon to the mass-market-based business model used by Dharma RaaS. “The skills…

Next post in Ransomware