Daily Digest (9/18)

US Bans TikTok, WeChat From App Stores Beginning Sunday; WeChat ‘Ban’ Won’t Target Users, US Says; 100K Customer Records Exposed in Razer Data Leak; US Indicts 5 Members of APT41 Threat Group Over Hack. Click “Continue reading” below.

US Bans TikTok, WeChat From App Stores Beginning Sunday

The Commerce Department said Friday that it would ban Chinese-owned TikTok and WeChat from U.S. app stores on Sunday, citing national security and privacy concerns.

The order comes after Oracle, the California tech company, reached a deal over the weekend with TikTok’s owner, Bytedance, to satisfy White House concerns over the app’s data-collection and related issues, The Associated Press reports.

It was not clear how the order would affect the Oracle deal.

The Commerce Department was enacting an executive order President Donald Trump signed last month, AP reports.

“At the president’s direction, we have taken significant action to combat China’s malicious collection of American citizens’ personal data, while promoting our national values, democratic rules-based norms, and aggressive enforcement of U.S. laws and regulations,” Commerce Secretary Wilbur Ross said in a statement.

Source (all external links):

WeChat ‘Ban’ Won’t Target Users, US Says

A White House ban on the Chinese app WeChat will not affect users, according to a U.S. Justice Department document filed Wednesday in federal court.

The Trump administration issued executive orders last month to ban TikTok and WeChat, claiming the apps were threats to national security, The Associated Press reports.

The nonprofit group, WeChat Users Alliance, have sued in federal court, saying their members rely on the app for work, worship and to keep in touch with relatives in China.

The alliance sued Aug. 22, claiming the ban violated users’ freedom of speech and other constitutional rights, AP reports.

But the Justice Department said in its filing that the Commerce Department “does not intend to take actions that would target persons or groups whose only connection with WeChat is their use or downloading of the app to convey personal or business information between users.”

Such users, the filing added, would not be exposed to “criminal or civil liability.”

The government filing said that using and downloading the app to communicate would not be a banned transaction, although messaging on the app could be “directly or indirectly impaired” by the ban.

The Justice Department’s filing said the “assurances largely address” concerns raised by the plaintiffs.

A hearing on the WeChat users’ petition for an injunction will be heard in a federal district court in California on Thursday, AP reports.

Source :

100K Customer Records Exposed in Razer Data Leak

Records of 100,000 customers of Razer, an electronics hardware maker, were exposed through a misconfigured server — disclosing personal transactions that included names, emails and customer ID numbers.

Volodymyr Diachenko, an independent cybersecurity consultant, discovered the breach, CPO Magazine reports.

Razer is owned by Bitglass, whose CTO Anurag Kahol told the magazine that leaving the database open to the public was a “common occurrence,” but that it was still a basic security risk that needed to be prevented.

Razer sealed the data leak early last month before making it public, and Diachenko eventually received a response from the company after several failed attempts, CPO reports.

In a public statement, Razer said it would scrutinize its IT security practices more carefully.

Source:

US Indicts 5 Members of APT41 Threat Group Over Hack

Five alleged members of the known hacking group, APT41, were indicted this week by a federal grand jury in a case brought by the Justice Department.

The group is known for its state-backed cyberespionage activity and financial crimes, Threatpost reports.

In its indictment, the Justice Department alleged that the group facilitated many ransomware and crypto-jacking attacks, leading to source-code theft and other activity.

“This is a unique hacker, who carries out global cyber-espionage while simultaneously pursuing a criminal venture,” cybersecurity analyst John Hultquist told Threatpost.

“APT41’s ability to successfully blend their criminal and espionage operations is remarkable,” he said.

Source:

— By DPN Staff