Author Archives: Jeff Stone

Twitter plans to remove false election tweets, setting up clash with Trump

Posted on by

Just wait until the president hears about this one. Twitter announced on Thursday that it will label or remove false or misleading information that could cause confusion about an election, or is meant to undermine confidence in civic processes. The update includes enforcement against unverified claims of election rigging, ballot tampering, claiming a political victory before election results are certified and inciting unlawful conduct to prevent a peaceful transfer of power or orderly succession. The announcement does not mention President Donald Trump by name. It does, however, signal that the company will be more aggressive in checking the president’s claims as Election Day approaches. For months, Trump has used his Twitter feed to amplify unfounded claims that mail-in voting enables widespread fraud, and this month urged his supporters to vote twice. “The goal is to further protect against content that could suppress the vote and help stop the spread of harmful misinformation […]

The post Twitter plans to remove false election tweets, setting up clash with Trump appeared first on CyberScoop.

Continue reading Twitter plans to remove false election tweets, setting up clash with Trump

Chinese diplomat demands investigation after his Twitter account liked embarrassing posts

Posted on by

A Twitter account belonging to China’s ambassador to the United Kingdom was allegedly breached by a hacker who used the account to engage with anti-Chinese content in what the government described as a “despicable” act. The Twitter account for Ambassador Liu Xiaoming was compromised by “some anti-China” elements to “viciously” attack the ambassador and “deceive the public,” the Chinese Embassy in the U.K. said in a statement Wednesday. The announcement came after social media users noticed that Liu’s account had “liked” a pornographic video, and a number of tweets criticizing Beijing’s treatment of the Uighur Muslim population. One tweet said Chinese officials “paid lip service to non-interference” in China’s internal affairs so the government “could murder their own people.” Liu’s account was created in October, though Twitter remains blocked in mainland China. Twitter likes do not always indicate endorsements, as many journalists and other users press the “like” button to […]

The post Chinese diplomat demands investigation after his Twitter account liked embarrassing posts appeared first on CyberScoop.

Continue reading Chinese diplomat demands investigation after his Twitter account liked embarrassing posts

Beijing floats a plan to protect Chinese companies from American cyber ‘bullying’

Posted on by

If Chinese technology companies are going to lose global market share amid concerns about their ties to the Communist government, Beijing isn’t going to let that happen quietly. In a speech Tuesday, Chinese State Councillor Wang Yi proposed a set of international rules intended to increase trust and refute the Trump administration’s strategy to limit the reach of Chinese-made technologies. Wang said the “Global Initiative on Data Security” is a recognition that data protection techniques are increasingly politicized at a moment when “individual countries” are “bullying” others, sometimes “hunting” foreign-based companies. The speech coincided with an ongoing effort in Washington to limit what officials have described as a national security threat from China-based corporations including TikTok and Huawei. While the U.S. has provided few specific examples of the apparent threat, intelligence officials have consistently warned that Chinese national security laws require Chinese companies to provide data at the government’s request. Chinese […]

The post Beijing floats a plan to protect Chinese companies from American cyber ‘bullying’ appeared first on CyberScoop.

Continue reading Beijing floats a plan to protect Chinese companies from American cyber ‘bullying’

Voatz urges Supreme Court to not protect ethical research from prosecution

Posted on by

If the mobile voting firm Voatz actually is interested in working with security researchers who can examine their technology, the company sure has an odd way of showing it. Massachusetts-based Voatz on Thursday filed an amicus brief to the Supreme Court, arguing that only security researchers with clear permission should be authorized to probe systems for vulnerabilities. The filing came as part of a Supreme Court case in which justices are poised to reconsider the Computer Fraud and Abuse Act, a 1986 federal law that prohibits access to computers without the owner’s consent. Researchers have said the anti-hacking law is overly vague, and could criminalize activities ranging from innocuous internet habits, like sharing passwords, to important anti-discrimination research. A group of law scholars previously asked the court to allow ethical security tests. Voatz, which advertises an internet-based voting platform in a market dominated by more established voting machine manufacturers, has […]

The post Voatz urges Supreme Court to not protect ethical research from prosecution appeared first on CyberScoop.

Continue reading Voatz urges Supreme Court to not protect ethical research from prosecution

TikTok scrubs ads promoting diet pills, fake apps after Tenable report

Posted on by

Silly scammers, TikTok is for kids. The video-sharing app, which claims some 49 million daily active users in the U.S., said Thursday it removed an array of advertisements from its central #ForYou page that marketed suspicious diet pills, fake mobile apps and other inauthentic services. The removal came after researchers from the security firm Tenable alerted TikTok about an ecosystem of promotions that aim to defraud users out of money, trick them into downloading shady apps or collect their personally identifiable information. Some ads promise to compensate users who download mobile apps and run those programs for three minutes, a tactic that allows attackers to subvert security controls. Other messaging masquerades as news articles, apparently from CNN or Fox News, that include celebrities marketing “free” weight loss pills. “Scammers see [TikTok] users as a means to an end – the goal is to prey on consumer insecurities and desires to […]

The post TikTok scrubs ads promoting diet pills, fake apps after Tenable report appeared first on CyberScoop.

Continue reading TikTok scrubs ads promoting diet pills, fake apps after Tenable report

Russia’s IRA used phony news accounts on Facebook to discuss QAnon, coronavirus

Posted on by

Russia’s troll farm again is trying to use Facebook to inflame divisions in the U.S. ahead of a presidential election. Facebook on Tuesday said it removed 13 accounts and two pages, which had 14,000 followers, affiliated with the Internet Research Agency, a Russian organization with a long history of using fake social media accounts to exploit political tension. The accounts impersonated independent news outlets to create discussions about the coronavirus pandemic, Joe Biden’s political candidacy and the right-wing conspiracy QAnon, among other topics. In some cases, IRA members posed as news editors to recruit freelance journalists to post content about contentious political topics. The IRA used an apparent news site called Peace Data, which published anti-Western articles with headlines like “UK Government Creates a Myth of a Migrant Crisis to Distract from Its Failures” and “The gold behind the French presence in Mali.” The Peace Data Facebook page is no […]

The post Russia’s IRA used phony news accounts on Facebook to discuss QAnon, coronavirus appeared first on CyberScoop.

Continue reading Russia’s IRA used phony news accounts on Facebook to discuss QAnon, coronavirus

The FBI’s digital security guide for local police actually has good OPSEC advice

Posted on by

An FBI cybersecurity guide instructs local police officers on how to avoid surveillance and harassment online amid ongoing protests against police brutality throughout the U.S. The Federal Bureau of Investigation instructions include a range of advisories for smaller police agencies, ranging from ways to avoid harassment on Facebook to the best ways to remove personal information from publicly available databases. The 354-page document, titled “Digital Exhaust Opt Out Guide,” was released publicly in June as part of the BlueLeaks data dump, a trove of law enforcement materials made public by transparency activists calling themselves Distributed Denial of Secrets. Federal authorities have distributed the guidelines to local police fusion centers — the state-operated hubs where federal, state, local and other law enforcement agencies share threat information and training tools — amid protests over the death of George Floyd and other unarmed Black Americans at the hands of police. A number of […]

The post The FBI’s digital security guide for local police actually has good OPSEC advice appeared first on CyberScoop.

Continue reading The FBI’s digital security guide for local police actually has good OPSEC advice

Elon Musk confirms that attempted Russian ransomware attack was aimed at Tesla

Posted on by

Well, that mystery is solved. Tesla chief executive Elon Musk said in a tweet Thursday night that the company was targeted by a “serious” ransomware attack that was thwarted by the FBI. The U.S. Department of Justice on Wednesday announced that police had arrested a Russian man accused of offering $1 million to an unnamed person to hack their employer. The plan was to infect the company’s factory, based in Sparks, Nevada, with malware, then direct a distributed denial-of-service attack against its services, knocking it offline. When the victim ultimately paid an extortion fee, attackers’ logic went, hackers would split the proceeds with the inside source. And the hackers might have gotten away with it, too, if it wasn’t for that meddling employee. Multiple Tesla-focused blogs reported Thursday that the firm was the intended victim of the scheme, though the reporting wasn’t confirmed until Musk’s tweet. Much appreciated. This was a […]

The post Elon Musk confirms that attempted Russian ransomware attack was aimed at Tesla appeared first on CyberScoop.

Continue reading Elon Musk confirms that attempted Russian ransomware attack was aimed at Tesla

Cloud company Fastly to purchase app security provider Signal Sciences for $775 million

Posted on by

The cloud services company Fastly said Thursday it intends to acquire Signal Sciences for $775 million. The deal for Los Angeles-based Signal Sciences, which provides security monitoring and digital defenses for web applications, is for $200 million in cash and roughly $575 million in Class A stock, the companies said in an announcement. The deal is subject to “customary adjustments for transactions of this nature,” they said. Fastly also will set up a $50 million retention pool for restricted stock meant to current Signal Sciences employees. The transaction brings Signal Sciences into Fastly’s service, a content distribution platform that protects against distributed denial-of-service (DDoS) attacks, automated bot traffic and provides an application firewall. Now, the plan is to include Signal Science’s technology, which encompasses API protection, into a new security product. Word of the deal comes after Palo Alto Networks announced it would acquire Crypsis Group, an incident response firm, for $265 […]

The post Cloud company Fastly to purchase app security provider Signal Sciences for $775 million appeared first on CyberScoop.

Continue reading Cloud company Fastly to purchase app security provider Signal Sciences for $775 million

TikTok’s security boss makes his case. Carefully.

Posted on by

Roland Cloutier, the global chief security officer for ByteDance, says he still doesn’t understand why the U.S. government has labeled TikTok as a national security threat. The video-sharing social media company, owned by Beijing-based ByteDance, filed a lawsuit in U.S. federal court Monday challenging a White House executive order that effectively will ban the app unless TikTok is sold by Nov. 12. Then, news broke Thursday that TikTok chief executive Kevin Mayer had resigned, three months after he was hired, amid reports that he’d been excluded from acquisition talks. U.S. officials have said that commercial apps with roots in China, like TikTok, present a risk to national security by enabling the Chinese Communist Party to sweep up Americans’ personal and location data. Researchers, meanwhile, have suggested that TikTok collects much of the same information as other social media apps. The dispute resembles the 2018 debate over Kaspersky Lab, in which the […]

The post TikTok’s security boss makes his case. Carefully. appeared first on CyberScoop.

Continue reading TikTok’s security boss makes his case. Carefully.