Security News

The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act - a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban. The bill names only TikTok as a "Foreign adversary controlled application" and prohibits "Providing services to distribute, maintain, or update" the app - including by offering it for sale in an app store.

UnitedHealth Group confirmed in late February that Change Healthcare systems and services were shut down after a cyberattack by "Nation-state" hackers, which was later linked to the BlackCat ransomware gang. Change Healthcare is the largest payment exchange platform used by doctors, healthcare providers, and patients in the U.S. healthcare system and by more than 70,000 pharmacies, while UHG has contracts with over 1.6 million health professionals and 8,000 healthcare facilities across all 50 U.S. states.

A group of US lawmakers introduced legislation on Tuesday that, if passed, would force Chinese internet concern ByteDance to divest TikTok - its most valuable property - or see it banned in the US. The bill is titled the Protecting Americans from Foreign Adversary Controlled Applications Act. Although the lawmakers - from The House Select Committee on the CCP with support from the Energy and Commerce Committee - seem hellbent on targeting TikTok, the bill also creates a process for the US president to designate other foreign adversary-controlled social media applications as national security risks.

Another US military man is facing a potentially significant stretch in prison after allegedly sending secret national defense information overseas. Information categorized as Secret refers to data that could reasonably be expected to cause "Serious damage", and Confidential information could lead to cause "Damage" to US national security.

Operation Cronos, led by the UK's National Crime Agency and the US's FBI, was put together by agencies from ten countries with the aim of closing down the world's most successful ransomware gang, LockBit. Best of all, the countdown timer by which LockBit displayed how long victims had left to pay up had been duplicated, only this time counting down to the unmasking of LockBit's head honcho, LockBitSupp.

Feature Two US intelligence bigwigs last week issued stark warnings about foreign threats to American election integrity and security - and the nation's ability to counter these adversaries. A few days earlier, US senator Mark Warner, who chairs the Senate's Intelligence Committee, told Trellix CEO Bryan Palma that the United States is less prepared to combat foreign intervention in the 2024 elections than was the case in 2020.

The US Department of Justice has unsealed an indictment accusing an Iranian national of a years-long campaign that compromised hundreds of thousands of accounts and attempting to infiltrate US defense contractors and multiple government agencies. "Nasab participated in a cyber campaign using spear phishing and other hacking techniques to infect more than 200,000 victim devices, many of which contained sensitive or classified defense information," said Damian Williams, US Attorney for the Southern District of New York.

Today, the FBI, CISA, and the Department of Health and Human Services warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. Today's warning follows an April 2022 FBI flash alert and another advisory issued in December 2023 detailing the BlackCat cybercrime gang's activity since it surfaced in November 2021 as a suspected rebrand of the DarkSide and BlackMatter ransomware groups.

Members of the Five Eyes intelligence alliance warned today that APT29 Russian Foreign Intelligence Service hackers are now switching to attacks targeting their victims' cloud services. The Russian cyberspies also compromised Microsoft 365 accounts belonging to various entities within NATO nations to obtain foreign policy-related data and targeted governments, embassies, and senior officials throughout Europe associated in a string of phishing attacks.

Google Pay is a secure mobile wallet that lets users send money to businesses or friends, make online purchases, pay bills, and earn rewards that translate to cash-backs or discounts. The tech giant announced that the change affects only the U.S. version of the standalone Google Pay app.