To settle with the DoJ, Uber must confess to a cover-up. And it did.

Credit to Author: Malwarebytes Labs| Date: Fri, 29 Jul 2022 16:44:16 +0000

The 2016 Uber data breach affected the personal information of 57 million people. And then the company covered it all up.

The post To settle with the DoJ, Uber must confess to a cover-up. And it did. appeared first on Malwarebytes Labs.

Read more

When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14

Credit to Author: Malwarebytes Labs| Date: Mon, 04 Jul 2022 19:51:26 +0000

This week on Lock and Code, we discuss the various laws that can be violated when good-faith hacking reveals security flaws.

The post When good-faith hacking gets people arrested, with Harley Geiger: Lock and Code S03E14 appeared first on Malwarebytes Labs.

Read more

What Counts as “Good Faith Security Research?”

Credit to Author: BrianKrebs| Date: Fri, 03 Jun 2022 19:33:03 +0000

The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. But legal experts continue to advise researchers to proceed with caution, noting the new guidelines can’t be used as a defense in court, nor are they any kind of shield against civil prosecution.

Read more

Twitter fined $150M after using 2FA phone numbers for marketing

Credit to Author: Malwarebytes Labs| Date: Fri, 27 May 2022 12:27:05 +0000

Twitter is paying the price for using users’ security information for targeted advertising,

The post Twitter fined $150M after using 2FA phone numbers for marketing appeared first on Malwarebytes Labs.

Read more

DEA Investigating Breach of Law Enforcement Data Portal

Credit to Author: BrianKrebs| Date: Thu, 12 May 2022 11:00:30 +0000

The U.S. Drug Enforcement Administration (DEA) says it is investigating reports that hackers gained unauthorized access to an agency portal that taps into 16 different federal law enforcement databases. KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.

Read more

Stalkerware’s legal enforcement problem

Credit to Author: David Ruiz| Date: Mon, 18 Nov 2019 15:47:58 +0000

Those who install stalkerware with the intent to monitor, control, harass, or otherwise abuse their victims typically get away with it, avoiding legal penalty even if there’s plenty of evidence to suggest their guilt.

Categories:

Tags:

(Read more…)

The post Stalkerware’s legal enforcement problem appeared first on Malwarebytes Labs.

Read more

Backdoors are a security vulnerability

Credit to Author: David Ruiz| Date: Fri, 09 Aug 2019 16:10:27 +0000

Upset by their inability to access potentially vital evidence for criminal investigations, the federal government has, for years, pushed to convince tech companies to build backdoors that will, allegedly, only be used by law enforcement agencies. The problem, cybersecurity researchers say, is that those backdoors can easily be exploited by criminals.

Categories:

Tags:

(Read more…)

The post Backdoors are a security vulnerability appeared first on Malwarebytes Labs.

Read more

A week in security (May 27 – June 2)

Credit to Author: Malwarebytes Labs| Date: Mon, 03 Jun 2019 17:09:55 +0000

A roundup of security news from May 27–June 2, including a look at 2019 ransomware outbreaks in the Unites States, ATM fraud, NIST’s privacy framework, more legal problems for Google and Facebook, and more.

Categories:

Tags:

(Read more…)

The post A week in security (May 27 – June 2) appeared first on Malwarebytes Labs.

Read more