Ivanti-linked breach of CISA potentially affected more than 100,000 individuals

A senior CISA official shared details with CyberScoop regarding the incident after the agency notified Congress about it on Friday.

The post Ivanti-linked breach of CISA potentially affected more than 100,000 individuals appeared first on CyberScoop.

Rights groups: Kids’ online safety bill could put vulnerable teens at risk

The groups say the bill has laudable goals but could come with unintended consequences for vulnerable children.

Children’s privacy legislation advances through the Senate, but fight is brewing

Federal privacy legislation fails to gain momentum in the Senate.

Congress reaches compromise on draft privacy legislation

Newly proposed federal privacy framework comes with protections for biometric data and against discrimination.

Slow disclosure of Google+ flaw draws attention of senators

Republican senators have written to Google CEO Sundar Pichai demanding to know why the company was reportedly slow to disclose a software flaw in its Google+ social network partly out of fear of drawing attention from regulators. “Google must be more forthcoming with the public and lawmakers if the company is to maintain or regain the trust of the users of its services,” states the Oct. 11 letter from Sens. John Thune, S.D., Jerry Moran, Kan., and Roger Wicker, Miss. Thune chairs the Commerce, Science, and Transportation Committee. The software flaw, which Google announced Monday, exposed profile data such as email addresses and age through an API. The incident affected up to 500,000 accounts, according to Google, which shut down consumer use of Google+ in response. Although the tech giant said it discovered and patched the bug in March, according to an internal company memo cited by the Wall Street […]

Senators grill Uber CISO over 2016 breach, extortion incident

Senators rebuked Uber on Tuesday during a Senate Commerce subcommittee hearing over the company’s handling of the data breach it disclosed in November 2017, with one lawmaker calling the company’s decision to wait a year before publicly disclosing it “morally wrong and legally reprehensible.” Uber’s actions “violated not only the law but the norm of what should be expected,” said Sen. Richard Blumenthal, D-Conn., the subcommittee’s ranking member. Uber revealed in November 2017 it paid $100,000 to delete data of 57 million users worldwide that was maliciously obtained by Florida-based hackers. The data included names, email addresses and phone numbers, and in some cases, encrypted passwords and driver’s license numbers. While Uber says that the hackers acted maliciously, the company paid them through HackerOne, which hosts Uber’s bug bounty program – a way for ethical hackers to receive payouts for informing companies about vulnerabilities. During the hearing, the lawmakers questioned Uber’s chief […]

U.S. government’s cyber Scholarship-for-Service program would expand under Senate bill

Legislation advancing in the Senate would expand a National Science Foundation scholarship program that funds cybersecurity education for students who commit to government service after they obtain their degree. The Cyber Scholarship Opportunities Act would expand the NSF’s CyberCorps: Scholarship-for-Service program, which awards grants and scholarships to students in exchange for agreeing to take on cybersecurity jobs in federal or state and local government after they graduate. The proposal, S. 754, which was marked up and approved unanimously Wednesday by the Senate Commerce, Science and Technology Committee, would expand the parameters of the SfS program so that it can include students studying part-time or in two-year courses at community college. It also would mandate a series of pilots at community colleges around the country, including for military veterans. Workforce experts predict a growing “skills gap” in the cybersecurity workforce, especially for the government, which cannot easily hike its wages. Policy initiatives like the CyberCorps SfS […]

Government hoarding of software vulnerabilities needs more transparency, tech firms say

Several major technology companies are calling for increased transparency from the U.S. government after WikiLeaks published CIA documents showing that the spy agency knew of vulnerabilities in software products but did not disclose them. “We need to look at this like what is the probability that something will be found by other adversaries. There are many elements that need to go into that decision, and being transparent on what the criteria is” will help the government be more open while protecting classified material, said Intel Security’s Chief Technology Officer Steve Grobman during a hearing Wednesday by the Senate Committee on Commerce, Science, and Transportation. “I think the key thing is transparency,” Grobman said, referring to the vulnerabilities equities process, or VEP. The VEP is a secretive framework that essentially guides when and if a federal agency will notify an organization of a known software flaw that was discovered by the U.S. government. Because […]
