Daily Digest (12/8)

Sources: US to deny TikTok divestiture deadline extension; NSA warns of Russian hacking against VMware products; Greater Baltimore Medical Center computers impacted by ransomware; California adopts COVID contact-tracing app

Sources: US to Deny TikTok Divestiture Deadline Extension 

The Trump administration denied ByteDance an extension of an order requiring the Chinese company to divest itself of TikTok’s U.S. assets, but talks on the short video-sharing app’s future would continue.

A Treasury Department representative said Friday that the Committee on Foreign Investment in the United States (CFIUS) “is engaging with ByteDance to complete the divestment and other steps necessary to resolve the national-security risks,” Reuters reports. 

Last week, CFIUS granted ByteDance a one-week extension until last Friday to shed TikTok’s U.S. assets.

President Donald Trump’s August executive order gave the Justice Department the authority to enforce the directive once the deadline expired, although it remained unclear how the government would force the divestment. 

The government previously issued 15-day and seven-day extensions of the initial 90-day deadline, which was Nov. 12, in the order.

The Justice Department did not immediately respond to requests for comment, while the White House declined to comment, Reuters reports.

TikTok also declined to comment.

Sources: (all links external):

NSA Warns of Russian Hacking Against VMware Products

The National Security Agency warned Monday that Russian “state-sponsored” hackers were exploiting a software vulnerability in products made by the cloud-computing company VMware Inc.

The NSA said organizations should apply the vendor-issued software patch “as soon as possible,” Reuters reports. 

If successfully exploited, the vulnerability could allow a hacker to run OS commands remotely on the infected device, allowing the theft or corruption of data, according to the NSA alert.

A separate alert by VMware said hackers would first need access to a user’s account through a stolen password to fully exploit the vulnerability. 

The Russian government has denied any involvement in malicious cyberactivity, Reuters reports. 

Greater Baltimore Medical Center Computers Impacted by Ransomware 

The Greater Baltimore Medical Center in Maryland confirmed Sunday evening that it had detected a ransomware attack that brought down its systems earlier in the day. 

GBMC said that the incident affected their computer systems, but that they had “robust processes” in place to maintain “safe and effective patient care,” WJZ-TV in Baltimore reports. 

There was no evidence of misused or stolen patient information, officials said, but the incident affected medical procedures scheduled for Monday. 

All impacted patients were contacted by the medical center, GMBC said.

The center has been working with law enforcement and outside experts in its investigation.   

California Adopts COVID Contact-Tracing App 

California Democratic Gov. Gavin Newsom announced Monday an app to track and  alert people of possible coronavirus exposure as cases surge in the state.

California residents may opt in to use the contact-tracing tool starting Thursday, The Associated Press reports.

Residents can activate the exposure-notifications tool from the settings menu on iPhones or they can download the CA Notify App in the Google Play store for Android devices.

The tool uses Bluetooth wireless signals to detect when two phones are within 6 feet of each other for at least 15 minutes, officials said.

“The more people that participate in it, the more that opt in, the more effective this program can be,” Newsom told reporters. “We are hoping there will be enough to make this meaningful.”

Sixteen other states, as well as Guam and Washington, D.C., already have made contact-tracing tools available, though with little success, AP reports.

— By DPN Staff