When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14

Credit to Author: Malwarebytes Labs| Date: Mon, 04 Jul 2022 19:51:26 +0000

This week on Lock and Code, we discuss the various laws that can be violated when good-faith hacking reveals security flaws.

The post When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14 appeared first on Malwarebytes Labs.

Read more

What Counts as “Good Faith Security Research?”

Credit to Author: BrianKrebs| Date: Fri, 03 Jun 2022 19:33:03 +0000

The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. But legal experts continue to advise researchers to proceed with caution, noting the new guidelines can’t be used as a defense in court, nor are they any kind of shield against civil prosecution.

Read more

Stalkerware’s legal enforcement problem

Credit to Author: David Ruiz| Date: Mon, 18 Nov 2019 15:47:58 +0000

Those who install stalkerware with the intent to monitor, control, harass, or otherwise abuse their victims typically get away with it, avoiding legal penalty even if there’s plenty of evidence to suggest their guilt.

Categories:

Tags:

(Read more…)

The post Stalkerware’s legal enforcement problem appeared first on Malwarebytes Labs.

Read more

New Bill Seeks Basic IoT Security Standards

Credit to Author: BrianKrebs| Date: Tue, 01 Aug 2017 19:32:47 +0000

Lawmakers in the U.S. Senate today introduced a bill that would set baseline security standards for the government’s purchase and use of a broad range of Internet-connected devices, including computers, routers and security cameras. The legislation, which also seeks to remedy some widely-perceived shortcomings in existing cybercrime law, was developed in direct response to a series of massive cyber attacks in 2016 that were fueled for the most part by poorly-secured “Internet of Things” (IoT) devices.

Read more