Tag Archive for: ceo

3CX CEO suggests state-sponsored hackers behind supply chain malware attack

/in


Business communications firm 3CX confirmed the downloader for its voice over IP (VoIP) desktop software has been tampered with and now installs a version that sideloads malware onto a victim’s computer

The issue, dubbed ‘SmoothOperator’, is believed to be a supply chain malware attack carried out by a suspected state-sponsored threat actor, with attacks starting last week, according to user reports.

3CX revealed in a blog post on Thursday that it noticed a “security issue” in its Electron Windows App with Update 7, version numbers 18.12.407 & 18.12.416.

It added that antivirus vendors may have flagged the legitimate 3CXDesktopApp.exe and uninstalled it.

3CX said it was still researching the issue, but believes it originated in one of the bundled libraries it compiled into the Windows Electron App via GIT. The domains contacted by the compromised library have already been reported, with most shut off overnight, said CISO Pierre Jourdan.

“A GitHub repository which listed them has also been shut down, effectively rendering it harmless,” he said.

“Worth mentioning – this appears to have been a targeted attack from an Advanced Persistent Threat, perhaps even state-sponsored, that ran a complex supply chain attack and picked who would be downloading the next stages of their malware,” said Jourdan. “The vast majority of systems, although they had the files dormant, were in fact never infected.”

The company is currently working on a new Windows App that isn’t affected by the issue, and will also issue a new certificate for the app. Jourdan said this will take at least 24 hours.

He also encouraged customers to use its PWA app, which is completely web-based. “The advantage is that it does not require any installation or updating and chrome web security is applied automatically,” he said.

3CX CEO Nick Galea said in a company forum post that the issue was reported to the organisation on the evening of 29 March.

He recommended uninstalling the app and installing it again, and added that if customers are running Windows Defender it will uninstall it automatically. Galea said the company is going to analyse the issue and release a report later on Thursday, but is now only…

Source…

TikTok CEO Shou Zi Chew faces off with Congress, hoping to stave off possible ban over security fears

/in


WASHINGTON — U.S. lawmakers grilled the CEO of TikTok over data security and harmful content Thursday, responding skeptically during a tense committee hearing to his assurances that the hugely popular video-sharing app prioritizes user safety and should not be banned.

Shou Zi Chew’s testimony came at a crucial time for the company, which has acquired 150 million American users but is under increasing pressure from U.S. officials. TikTok and its parent company ByteDance have been swept up in a wider geopolitical battle between Beijing and Washington over trade and technology.

In a rare bipartisan effort to reign in the power of a major social media platform, Republican and Democratic lawmakers pressed Chew on a host of topics, ranging from TikTok’s content moderation practices, how the company plans to secure American data from Beijing, and its spying on journalists.

“Mr. Chew, you are here because the American people need the truth about the threat TikTok poses to our national and personal security,” Committee Chair Cathy McMorris Rodgers, a Republican, said in her opening statement. “TikTok has repeatedly chosen a path for more control, more surveillance and more manipulation.”

Chew, a 40-year-old Singapore native, told the House Committee on Energy and Commerce that TikTok prioritizes the safety of its young users and denied allegations that it’s a national security risk. He reiterated the company’s plan to protect U.S. user data by storing all such information on servers maintained and owned by the software giant Oracle.

“Let me state this unequivocally: ByteDance is not an agent of China or any other country,” Chew said.

On Wednesday, the company sent dozens of popular TikTokers to Capitol Hill to lobby lawmakers to preserve the platform. It has also been putting up ads all over Washington that promise to secure users’ data and privacy, and create a safe platform for its young users.

TikTok has been dogged by claims that its Chinese ownership means user data could end up in the hands of the Chinese government or that it could be used to promote narratives favorable to the country’s Communist leaders.

In 2019, the Guardian reported that TikTok was instructing its moderators to censor…

Source…

Skeptical U.S. lawmakers grill TikTok CEO over safety

/in




WASHINGTON — U.S. lawmakers grilled the CEO of TikTok over data security and harmful content Thursday, responding skeptically during a tense committee hearing to his assurances that the hugely popular video-sharing app prioritizes user safety and should not be banned.

Shou Zi Chew’s rare public appearance came at a crucial time for the company, which has 150 million American users but is under increasing pressure from U.S. officials. TikTok and its Chinese parent company, ByteDance, have been swept up in a wider geopolitical battle between Beijing and Washington over trade and technology.

In a bipartisan effort to reign in the power of a major social media platform, Republican and Democratic lawmakers pressed Chew on a host of topics, ranging from TikTok’s content moderation practices, how the company plans to secure American data from Beijing, and its spying on journalists.

“Mr. Chew, you are here because the American people need the truth about the threat TikTok poses to our national and personal security,” Committee Chair Cathy McMorris Rodgers, a Republican, said in her opening statement.

Chew, a 40-year-old Singapore native, told the House Committee on Energy and Commerce that TikTok prioritizes the safety of its young users and denied it’s a national security risk. He reiterated the company’s plan to protect U.S. user data by storing it on servers maintained and owned by the software giant Oracle.

“Let me state this unequivocally: ByteDance is not an agent of China or any other country,” Chew said.

TikTok has been dogged by claims that its Chinese ownership means user data could end up in the hands of the Chinese government or that it could be used to promote narratives favorable to the country’s Communist leaders.

In 2019, the Guardian reported that TikTok was instructing its moderators to censor videos that mention Tiananmen Square and images unfavorable to the Chinese government. The platform says it has since changed its moderation practices.

ByteDance admitted in December that it fired four employees last summer who accessed data on two journalists and people connected to them while…

Source…

TikTok CEO faces off with Congress over security fears

/in


WASHINGTON – The CEO of TikTok will make a high-profile appearance Thursday before a U.S. Congressional committee, where he’ll face a grilling on data security and user safety while he makes his own case for why the hugely popular video-sharing app shouldn’t be banned.

Shou Zi Chew’s testimony comes at a crucial time for the company, which has acquired 150 million American users but is under increasing pressure from U.S. officials. TikTok and its parent company ByteDance have been swept up in a wider geopolitical battle between Beijing and Washington over trade and technology.

Chew, a 40-year-old Singapore native, is making a rare public appearance to counter the volley of accusations that TikTok has been facing. On Wednesday, the company sent dozens of popular TikTokers to Capitol Hill to lobby lawmakers to preserve the platform. It has also been putting up ads all over Washington that tout promises of securing users data and privacy and creating a safe platform for its young users.

Chew plans to tell the U.S. House Committee on Energy and Commerce that TikTok prioritizes the safety of its young users and deny allegations that the app is a national security risk, according to his prepared remarks released ahead of the hearing.

TikTok has been dogged by claims that its Chinese ownership means user data could end up in the hands of the Chinese government or that it could be used to promote narratives favorable to the country’s Communist leaders.

“We understand the popularity of Tiktok, we get that,” said White House press secretary Karine Jean-Pierre at a press conference Wednesday afternoon. “But the President’s job is to make sure again that the Americans, national security is protected as well. ”

For its part, TikTok has been trying to distance itself from its Chinese origins, saying that 60% percent of its parent company ByteDance is owned by global institutional investors such as Carlyle Group. ByteDance was founded by Chinese entrepreneurs in Beijing in 2012.

“Let me state this unequivocally: ByteDance is not an agent of China or any other country,” Chew said.

A U.S. ban on an app would be unprecedented and it’s unclear how the government would go about…

Source…