TikTok is toast -- at least in the U.S.
The U.S. Supreme Court today upheld a ruling that would ban the app as of Sunday, January 19, 2025, unless its parent company, ByteDance, divested.
As of Sunday, it will be illegal for app stores and internet hosting services to distribute the social network. TikTok has warned that the app will simply “go dark” on Sunday, but it’s unclear what will happen once the ban takes effect.
It's also not clear whether the incoming presidential administration will take action -- will Trump intervene? Will a sale of the company happen? We'll keep you posted.
Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. FTC tells GoDaddy to get serious about data security: The Federal Trade Commission (FTC) ordered U.S. web hosting company GoDaddy to implement stronger data security measures, SC Media reported. Since 2018, GoDaddy has been hit by several data breaches due to inadequate data protections. The FTC said GoDaddy should establish an information security program tracking its security assets, policies, and settings, and have the program evaluated by an external security provider. GoDaddy also should accurately depict its data monitoring and security practices to its customers, according to the FTC.
2. Wolf Haldenstein breach impacts 3.5M: U.S. law firm Wolf Haldenstein Adler Freeman & Herz LLP had information from almost 3.5 million individuals stolen following a data breach in December 2023. Infiltration of Wolf Haldenstein's systems facilitated the compromise of individuals' full names, Social Security numbers, employee identification numbers, medical diagnoses, and medical claim details. None of the stolen data has been misused so far, the law office said in a data breach notice, which added that investigation into the extent of the breach only concluded in December 2024.
3. Hack? What hack?: Some firms are refuting claims they were impacted by last year's Cl0p ransomware attack, TechCrunch reported. Hertz, Western Alliance Bank and Arrow Electronics said there was no evidence their systems had been compromised despite the ransomware gang claiming otherwise and threatening to release the companies' data.
4. Fortinet firewalls fail: A newly emergent threat operation, Belsen Group, leaked more than 15,000 Fortinet FortiGate firewalls' sensitive data for free in BreachForums, reports Security Affairs. The data includes IP addresses, passwords, and configuration files, Belsen Group bragged on the hacking forum. All of the impacted FortiGate firewalls — most of which are in Mexico, the U.S., and Germany — had FortiOS versions prior to version 7.2.2, unveiled in October 2022, while many of the exposed IPs were from leading internet service providers, including Vodafone and Deutsche Telekom, according to analysis from Heise Security.
