Cybersecurity experts and digital rights organizations say that the high court’s future ruling will determine whether bug hunters and pen testers could be charged if their research into systems is deemed excessive, even if the actions are intended to be ethical.
Prosecutors dropped felony criminal charges against a pair of ethical pen testers arrested while assessing the security of an Iowa courthouse. But the the two men are not ready move on just yet. Coalfire employees Gary DeMercurio, managing senior, and Justin Wynn, senior security consultant, lobbied Wednesday at the virtual Black Hat conference for a…
The U.S. Senate Committee on Commerce, Science and Transportation on Wednesday held a hearing where officials from leading tech and telecom firms posed key recommendations to lawmakers who seek to replace and further prohibit telecommunications equipment that may pose a security risk, including products from China-based Huawei and ZTE. Among the key suggestions was that…
Facebook has agreed to set aside $550 million to settle a class-action lawsuit brought by users who allege the social media company violated the Illinois Biometric Information Privacy Act (BIPA), attorneys for the plaintiffs announced on Wednesday. San Francisco Federal District Court Judge James Donato must still approve the settlement, which the lawyers claim is…
The New York City Police Department has arrested a ninth member of the Methbot click-fraud gang, according to court documents. Sergey Denisoff’s arrest comes one year after eight other Methbot members were charged and arrested. Denisoff was not named in the original court filing, but was named part of the group in an affidavit filed…
The U.S. Senate last week passed a bill requiring the Department of Homeland Security to maintain cyber hunt and incident response teams, while the House passed one that instructs DHS to share protocols for mitigating cyber vulnerabilities. The Senate bill, S.315, aka the DHS Cyber Hunt and Incident Response Teams Act of 2019, passed by…
Law enforcement officials at home and abroad have arrested 281 individuals over a span of four months, in a massive crackdown on various business email compromise scams, the Justice Department announced yesterday. Dubbed Operation reWired, the coordinated campaign began in May 2019 and has resulted in 72 arrests in the U.S., and 167 in Nigeria,…
The Department of Justice has indicted two Americans and a Nigerian on multiple charges for their alleged roles in a phishing scheme that targeted college employees, banks and other businesses from May 2013 through June 2014. Filed on Tuesday in U.S. District Court in New Mexico, the indictment identifies the defendants as Nigerian citizen Otuokere…
U.S. Senators Mike Crapo, R-Idaho, and Mark Warner, D-Va., have introduced federal legislation designed to protect critical technologies from supply chain attacks by China and other foreign threat actors. The bill, known as S. 2316 or the The Manufacturing, Investment, and Controls Review for Computer Hardware, Intellectual Property and Supply (MICROCHIPS) Act, would require U.S.…
The massive Capital One data breach that compromised the personal information of 100 million credit card customers and applicants serves as a stark reminder that misconfigurations and malicious insiders can defeat the most well-intentioned cyber defenses, even when companies rely on a third-party cloud service to securely manage their data. In the case of Capital…
