Tag: Computer Security

White House Said to Consider Pushing Congress on Dealing With TikTok

Chin@Strategy

The Biden administration is considering pushing Congress to give it more legal power to deal with TikTok and other technology that could expose sensitive data to China, five people with knowledge of the matter said, as it comes under growing pressure to resolve security concerns about the Chinese-owned video app. White House officials are weighing whether to support legislation being developed by Senator Mark Warner, Democrat of Virginia, that would give the government more authority to police apps and services that could pose a risk to Americans’ data security or…

Auburn Banned TikTok, and Students Can’t Stop Talking About It

Chin@Strategy

One former sorority sister at Auburn, for example, “did a new TikTok dance every day promoting Auburn Zeta Tau Alpha so people would see how much fun she was having with her ‘zisters,’” Ms. Franco said, adding that it would be a “huge hit” to Greek life at Auburn if the university’s ban extended to sorority TikTok accounts and related hashtags. Ms. Franco said that she was not concerned about the security risks prompting the ban — a sentiment echoed by other students, including Ms. Hunt. “From what I’ve heard…

TikTok Browser Can Track Users’ Keystrokes, According to New Research

Chin@Strategy

The web browser used within the TikTok app can track every keystroke made by its users, according to new research that is surfacing as the Chinese-owned video app grapples with U.S. lawmakers’ concerns over its data practices. The research from Felix Krause, a privacy researcher and former Google engineer, did not show how TikTok used the capability, which is embedded within the in-app browser that pops up when someone clicks an outside link. But Mr. Krause said the development was concerning because it showed TikTok had built in functionality to…

China’s Olympics App for Athletes Has Security Flaws, Study Says

Chin@Strategy

In preparation for the 2021 Tokyo Olympics, Japan worked to develop a contact tracing app that would track foreign visitors, but concerns quickly mounted over bugs in the software and whether all visitors would own smartphones on which to install the app. The Citizen Lab report said MY2022 failed to confirm a unique encryption signature with the server where it was transferring data. In effect, that meant hackers could intercept the data without Chinese officials necessarily knowing. Other parts of the app, like its built-in messaging service, failed to encrypt…

Microsoft Seizes 42 Websites From a Chinese Hacking Group

Chin@Strategy

Microsoft said on Monday that it had seized 42 websites from a Chinese hacking group in an effort to disrupt the group’s intelligence-gathering operations. The company said in a news release that a federal court in Virginia had granted Microsoft’s request to allow its Digital Crimes Unit to take over the U.S.-based websites, which were being run by a hacker group known as Nickel or APT15. The company is redirecting the websites’ traffic to secure Microsoft servers to “help us protect existing and future victims while learning more about Nickel’s…

Spies for Hire: China’s New Breed of Hackers Blends Espionage and Entrepreneurship

Chin@Strategy

One posting from Hainan Xiandun stood out. The ad, on a Sichuan University computer science hiring board from 2018, boasted that Xiandun had “received a considerable number of government-secret-related business.” The company, based in Hainan’s capital, Haikou, paid monthly salaries of $1,200 to $3,000 — solid middle-class wages for Chinese tech workers fresh out of college — with bonuses as high as $15,000. Xiandun’s ads listed an email address used by other firms looking for cybersecurity experts and linguists, suggesting they were part of a network. Chinese hacking groups are…