05-06-202107-06-2021

Security daily (06-06-2021)

TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data

Popular short-form video-sharing service TikTok quietly revised its privacy policy in the U.S., allowing it to automatically collect biometric information such as faceprints and voiceprints from the content its users post on the platform. The policy change, first spotted by TechCrunch, went into effect on June 2. TikTok users who reside in the European Economic Area (EEA), the U.K., Switzerland, (The Hacker News)

ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack

Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by security researcher Kevin Beaumont. "Mass scanning activity detected from 104.40.252.159 checking for (The Hacker News)

Malware Can Use This Trick to Bypass Ransomware Defense in Antivirus Solutions

Researchers have disclosed significant security weaknesses in popular antivirus software applications that could be abused to deactivate their protections and take control of allow-listed applications to perform nefarious operations on behalf of the malware to defeat anti-ransomware defenses. The twin attacks, detailed by academics from the University of Luxembourg and the University of London, (The Hacker News)

05-06-202107-06-2021

/security-daily/ 07-06-2021 23:44:22