SecurityWeek

TikTok won a last-minute reprieve late Sunday as a US federal judge halted enforcement of a politically charged ban ordered by the Trump administration on downloads of the popular video app, hours before it was set to take effect.

Twitter last week started sending emails to developers to inform them of a vulnerability that might have resulted in the disclosure of developer information, including API keys.

Microsoft Reports Evolution of China-Linked Threat Actor GADOLINIUMMicrosoft this week announced that it recently removed 18 Azure Active Directory applications that were being abused by China-linked state-sponsored threat actor GADOLINIUM.

A Chrome 85 update released by Google this week patches several high-severity vulnerabilities, including ones that can be exploited to hack users by convincing them to install malicious extensions.

Apple on Thursday informed customers that it patched a total of four vulnerabilities across macOS Catalina, High Sierra and Mojave.

Someone has leaked what appear to be source code files for the Windows XP and Windows Server 2003 operating systems

Washington state is among those being targeted by a “large-scale, highly sophisticated” nationwide phishing campaign, the office of Gov. Jay Inslee said Thursday.

A Maryland man was sentenced to 12 months and one day in prison for hacking into and damaging the computers of his former employer.From January 5, 2004, through August 6, 2015, the man, Shannon Stafford, 50, of Crofton, Maryland, was employed at an unnamed international company with thousands of offices worldwide, in the IT department.

A threat actor was able to compromise the network of a federal agency and create a reverse proxy and install malware, the Cybersecurity and Infrastructure Security Agency (CISA) reported on Thursday.

Tyler Technologies, a major provider of software and services for state and local governments in the United States, has confirmed that the recently disclosed cybersecurity incident involved ransomware.

A Russian citizen accused of offering a Tesla employee $1 million to enable a ransomware attack at the electric car company’s plant in Nevada denied wrongdoing Thursday before a federal magistrate judge.

Cisco on Thursday informed customers that it has patched 34 high-severity vulnerabilities affecting its IOS and IOS XE software, including many that can be exploited remotely without authentication.

A vulnerability in Instagram allowed an attacker to take over an Instagram account and turn the victim's phone into a spying tool by simply sending a malicious image by any media exchange platform.

A Nigerian hacker was sentenced to 36 months in prison in the United States for participating in a scheme that targeted government employees.The man, Olumide Ogunremi, also known as “Tony Williams,” 43, has admitted in federal court to participating in the computer hacking and identity theft scheme.

The COVID-19 pandemic has apparently resulted in industrial systems being increasingly targeted by malicious actors through brute-force attacks on the Remote Desktop Protocol (RDP), Kaspersky reported on Thursday.

A hacking group whose members are Russian speakers is targeting organizations in Russia and post-Soviet countries with ransomware, Group-IB’s security researchers have discovered.

Microsoft says it has observed threat actors actively targeting the Zerologon vulnerability affecting Windows Server.

TikTok is urging a federal court to block US President Donald Trump from banning the video app, arguing the move is motivated by election politics rather than legitimate national security concerns.