Security News

The White House dropped Trump-era executive orders intended to ban the popular apps TikTok and WeChat and will conduct its own review aimed at identifying national security risks with software applications tied to China, officials said Wednesday. In revoking some of President Donald Trump's blanket-style orders against Chinese tech companies and replacing them with a narrower approach, the Biden administration has not actually weighed in yet on whether TikTok and other apps pose a danger to Americans.

The policy change, first spotted by TechCrunch, went into effect on June 2. TikTok users who reside in the European Economic Area, the U.K., Switzerland, and other geographies where the service operates are exempted from the changes.

Their most recent socially engineered messages try to convince users to download their fake version of TikTok by saying the app, which is banned in India, is now available, the report found. Threat actors blast out an SMS or WhatsApp message to numbers on the Jio network with the phishing lure message and a link to take advantage of the fraudulent offer, the report showed.

Nebulous privacy and censorship criticisms about video social-media app TikTok have been swirling for months. Security analysts from CitizenLab are the first to collect real data on the platform's source code, and reported that TikTok meets reasonable standards of security and privacy.

TikTok is likely no more of a threat to users than Facebook, according to an analysis by academic research group Citizen Lab that analyzed the video-sharing social networking service's app to probe for security, privacy and censorship issues. The authors considered both TikTok - the app available outside China - and Douyin, the Chinese version of TikTok.

A researcher has earned over $11,000 from TikTok after disclosing a series of vulnerabilities that could have been chained for a high-impact 1-click exploit. As for what an attacker could have done with this exploit, the researcher said "Anything TikTok can do on your device, the exploit can do."

Security concerns largely center on the fact that TikTok is a Chinese company. If you decide to use TikTok - and the same goes for all social media platforms - be careful with what you share, and don't assume any inherent data security or privacy.

TikTok's Chinese parent company ByteDance has agreed to pay $92 million in a settlement to U.S. users who are part of a class-action lawsuit alleging that the video-sharing app failed to get their consent to collect data in violation of a strict Illinois privacy law. The federal lawsuit alleged that TikTok broke the Illinois biometric privacy law, which allows suits against companies that harvest consumer data without consent, including via facial and fingerprint scanning.

An umbrella group comprising 44 consumer-privacy watchdog organizations have filed a complaint against TikTok, saying the wildly-popular video-sharing platform has "Misleading" data-collection policies. "TikTok does not clearly inform its users, especially children and teenagers, about what personal data is collected, for what purpose and for what legal reason," said the BEUC, in a report released Tuesday, along with the complaint.

President Joe Biden's administration has asked a US federal court to pause proceedings aimed at banning TikTok to allow for a fresh review of the national security threat from the popular Chinese-owned video app. The Trump administration move to ban downloads of TikTok and its presence on online networks had been stalled amid legal challenges.