Twitter and the Saudi Computer Crime – Or Was It?

The two Twitter employees’ actions in accessing user data for use by the Saudi Kingdom were not technically a criminal offense. On Nov. 7, the United States Department of Justice (DoJ) charged two individuals, one a U.S. citizen, the other a c…

FTC Enforcement Action May Open Way for Punishment of Hacker Tools

An FTC suit against a software developer may open the door for prosecution of hacker tools. On Oct. 22, the U.S. Federal Trade Commission (FTC) settled an enforcement action against a software developer because its software could be used by users for p…

U.S. AG Wants Legal Back Door to All Facebook Postings (and Everything Else)

When it comes to encryption, we are having another Groundhog Day. The U.S., UK and Australian governments are pressuring Facebook to stop its plans to include “end to end” encryption, which would enhance the privacy and security of the social media pl…

Trump, Ukraine, Crowdstrike and Servers – What Gives?

From 2015 through 2016, during the run-up to the presidential election, certain cloud servers used by the Democratic National Committee (DNC) were attacked and infiltrated by advanced persistent threat (APT) actors from Russia. This resulted in the re…

Update on Iowa

Yesterday, I wrote about two employees of CoalFire who were arrested for performing a physical pen test of various courthouses in Iowa. The article focused on the need to have a well-defined Statement of Work and contract. Well, guess what. The State of Iowa Judicial Branch released exactly these documents. And guess what? Page 12 of the…

The post Update on Iowa appeared first on SecurityCurrent.

Data Privacy – I Do Not Think That Word Means What You Think it Means

On September 10, 2019, leaders of the high tech and business world, through the Business Roundtable, sent a letter to political leaders urging them to pass a comprehensive federal consumer data privacy law. The letter, signed by individuals like Amazon’s Jeff Bezos and Michael Dell and other business leaders, noted that “There is now widespread agreement among…

The post Data Privacy – I Do Not Think That Word Means What You Think it Means appeared first on SecurityCurrent.

Scraping Away at Computer “Crime” – Federal Appeals Court Rules Against LinkedIn in online “scraping” case

Your domain is your domain. Your website is your website. You decide who can access your site, who can access your data, and how they can do that. You make those decisions through both technology (e.g., code, access control, userIDs, passwords, multifactor authentication) and contracts (terms of use, terms of service, privacy policies, software license…

The post Scraping Away at Computer “Crime” – Federal Appeals Court Rules Against LinkedIn in online “scraping” case appeared first on SecurityCurrent.

Doorbell privacy: Where the ring tolls

Amazon’s Ring video doorbell allows you to see who is at (or near) your doorstep. Under a semi-secret program called “Neighbors” it also allows the police to see the same thing. The program incentivizes police to “sell” the Ring device to consumers (even giving the police free surveillance devices themselves) and creates a network whereby…

The post Doorbell privacy: Where the ring tolls appeared first on SecurityCurrent.

Beyond Security to Risk Management

Insurance companies are moving to a holistic model to measure risk, not just security. Businesses should, also. Reinsurance giant Swiss Re, together with British reinsurer Capsicum Re, launched a reinsurance product Sept. 8. Ho hum. Insurance is MEGO—t…