CFAA – WindowsTechs.com

Smashing Security podcast #278: Tim Hortons, avoiding sanctions, and good faith security research

Posted on June 9, 2022 by Graham Cluley

Trouble brews with the Tim Hortons app, Mandiant gets in a tussle with a Russian ransomware gang, and should good faith security researchers be at risk of prosecution?

All this and much more is discussed in the latest edition of the award-winning “S… Continue reading Smashing Security podcast #278: Tim Hortons, avoiding sanctions, and good faith security research→

Smashing Security podcast #207: Cyber biowarfare, giant ladybugs, and strippers

Posted on December 3, 2020 by Graham Cluley

Fears are raised about cyber bioterrorists, there’s a widespread blackout for IoT devices caused by a cloud cock-up, and what role do strippers play in a revamp of the United States’s computer crime laws?

All this and much more is discussed in the l… Continue reading Smashing Security podcast #207: Cyber biowarfare, giant ladybugs, and strippers→

Federal officials have arrested another accused FIN7 hacker

Posted on May 26, 2020 by Shannon Vavra

A Ukrainian national was arrested last week in Seattle for his alleged involvement in hacking operations run by FIN7, a syndicate known for stealing approximately $1 billion from its victims in the United States. According to court documents obtained by CyberScoop, Denys Iarmak has been charged with conspiracy to commit computer hacking, accessing a protected computer to commit fraud, intentional damage to a protected computer, access device fraud, conspiracy to commit wire and bank fraud, wire fraud, and aggravated identity theft. The arrest is a significant move against financially motivated FIN7, which has targeted the hospitality and gaming industries in the last several years. FIN7 has gone after restaurants including Chipotle, Red Robin, Taco John, as well as a credit union and a casino. According to the court documents, Iarmak was part of a scheme where operators allegedly ran spearphishing campaigns to gain unauthorized access to victim computers, deploy malware, conduct […]

The post Federal officials have arrested another accused FIN7 hacker appeared first on CyberScoop.

Continue reading Federal officials have arrested another accused FIN7 hacker→

Facebook, Google, YouTube order Clearview to stop scraping faceprints

Posted on February 7, 2020 by Lisa Vaas

It’s my First Amendment right to scrape publicly available face images, its CEO says. Besides, we’re just doing what Google Search does. Continue reading Facebook, Google, YouTube order Clearview to stop scraping faceprints→

Ubisoft sues DDoS-for-hire operators for ruining game play

Posted on January 22, 2020 by Lisa Vaas

The network of sites and services run by the alleged operators target the Rainbow Six Siege game, selling attacks to cheating players. Continue reading Ubisoft sues DDoS-for-hire operators for ruining game play→

LinkedIn can’t block public profile data scraping, court rules

Posted on September 11, 2019 by Lisa Vaas

The long-awaited decision found that automated scraping of publicly accessible data likely doesn’t violate the CFAA. Continue reading LinkedIn can’t block public profile data scraping, court rules→

Capital One cryptojacking suspect indicted

Posted on September 2, 2019 by Lisa Vaas

The former software engineer allegedly created scanners to look for misconfigured servers rented from a cloud computing company. Continue reading Capital One cryptojacking suspect indicted→

More than 2m AT&T phones illegally unlocked by bribed insiders

Posted on August 8, 2019 by Lisa Vaas

The alleged, now indicted ringleader paid more than $1m in bribes to insiders who planted malware and hardware for remote unlocking. Continue reading More than 2m AT&T phones illegally unlocked by bribed insiders→

Congress to take another stab at hack back legislation

Posted on June 13, 2019 by Shannon Vavra

The concept of “hacking back” — which has often been referred to as “the worst idea in cybersecurity” — has resurfaced again in Washington. Rep. Tom Graves, R-Ga., is reintroducing a bill Thursday that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities. While Graves has made previous attempts to legalize the practice, “hacking back” would currently be a violation of the Computer Fraud and Abuse Act. The CFAA, enacted in 1986, makes it illegal to access computers without authorization. Graves told CyberScoop the bill is necessary in part because companies are left without recourse when they are attacked. “Where do they turn — can they call 911? What do they do?” Graves said. “They have nowhere to turn.” The incentive to pass this bill, Graves says, also stems in part from the fact that there are no guidelines right now for companies that […]

The post Congress to take another stab at hack back legislation appeared first on CyberScoop.

Continue reading Congress to take another stab at hack back legislation→

Apple sued for ‘forcing’ 2FA on accounts

Posted on February 12, 2019 by Lisa Vaas

Time is money, baby: Jay Brodsky claims that Apple’s 2FA “intermeddling” takes minutes out of his day, causing “economic loss.” Continue reading Apple sued for ‘forcing’ 2FA on accounts→