S.B. 315 uses the term, “unauthorized access,” which is a very murky term. If you’re trying to go through all the proper channels in advance and get authorization for something, it’s not always clear who the person who has the authority to give that authorization is. If it’s a website and you’re testing some part […]
Tag: legal
The Cyber Defense Certainty Act, Active Defense or Hacking Back?
The Active Cyber Defense Certainty Act seeks to “…provide a defense to prosecution for fraud and related activity in connection with computers for persons defending against unauthorized intrusions into their computers, and for other purposes“. The [draft] bill seems well intentioned but overly ambiguous, leaving a lot of room for abuse (and for other purposes […]
Quick comments on the proposed encryption bill and the Apple -vs- FBI battle (yes, they’re related)
New encryption bill proposed by Richard Burr (Republican, North Carolina) and Dianne Feinstein (Democrat, California) seeks to effectively require backdoors in encryption. The intent of the law is, I believe, noble. The backdoors would only be available to law enforcement and then only in the most serious circumstances like terrorist attacks, child pornography, human trafficking, […]
Attackers targeting law firms, a warning for other market verticals
Levin advocates high-stakes law firms shake up their security status quo and put in place more aggressive security protocols. For starters, Levin said, companies need to boost employee awareness, training and adopt robust damage control programs that can limit the inevitable fallout from breaches. — Threatpost According to this article from Threatpost, attackers have been […]