Security News

The US Treasury on Wednesday said it had extended by seven days the November 27 deadline given to the Chinese owner of TikTok to sell the popular social media platform's American business. Trump, who lost his bid for re-election this month, has claimed that TikTok - which has some 100 million US users - can be used to collect data on Americans for Chinese espionage, a claim denied by the company.

US Fertility, the largest network of fertility centers in the U.S., says that some of its systems were encrypted in a ransomware attack that affected the company two months ago, in September 2020. The US Fertility network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its clinics and more than 80 physicians.

Cybercriminals looking to steal personal information are baiting U.S. citizens with emails purporting to be from government agencies offering federal assistance. Bad actors are sending out messages purporting to be from federal government entities offering financial aid or unemployment assistance during the pandemic.

Last week I signed on to two joint letters about the security of the 2020 election. At a minimum, all states should employ election security practices and mechanisms recommended by experts to increase assurance in election outcomes, such as post-election risk-limiting audits.

Over the past year the 325th Security Forces Squadron have been trialing the security robots via a so-called "3D Virtual Ops Center," where the hardware hounds patrol the grounds and feed back data to central command. "These robot dogs will be used as a force multiplier for enhanced situational awareness by patrolling areas that aren't desirable for human beings and vehicles," said Major Jordan Criss, 325th Security Forces Squadron commander.

On Wednesday, proposed US legislation to fund defenses against realistic computer-generated media known as deepfakes was approved by the US Senate and the bill now awaits consideration in the US House of Representatives. Introduced last year by US Senators Catherine Cortez Masto and Jerry Moran, the Identifying Outputs of Generative Adversarial Networks Act aims to promote research to detect and defend against realistic-looking fakery that can be used for purposes of deception, harassment, or misinformation.

Vice has a long article about how the US military buys commercial location data worldwide. The U.S. military is buying the granular movement data of people around the world, harvested from innocuous-seeming apps, Motherboard has learned.

If you are a regular Naked Security reader, you'll know that we generally steer clear of publishing content that deals specifically with Sophos products and services. That's not only because we want to make sure that Sophos customers know how to get the best out of our own products and services, but also because understanding how we organise our threat research, and why our products work the way they do, is more than just a fascinating story.

Zoom has been forced to agree to a range of security improvements in a settlement with America's consumer watchdog, the Federal Trade Commission, as a result of earlier wrongly claiming it offered true 256-bit end-to-end encryption. The pact [PDF], announced Monday, obliges the video-conferencing giant to carry out an annual security assessment of its software and have its internal security program assessed by a third-party every two years.