Section 702 of the Foreign Intelligence Surveillance Act allows the government to collect intelligence from non-Americans located outside the United States without a warrant. Section 702 cannot be used to target Americans. At least some people say that Section 702 needs some reform. When Section 702 was first enacted lawmakers knew that this could spell […]
Continue reading → [DISPLAY_ACURAX_ICONS]China has long ranked at or near the top of U.S. national security officials’ list of cyber adversaries. On Wednesday, spy agency leaders warned that China is getting even bolder and better in cyberspace. The spies say that if China believed that it was on the verge of a major conflict with us, they might launch […]
Continue reading → [DISPLAY_ACURAX_ICONS]Given the risk of cyberattacks on critical infrastructure, the government is responding. After the Colonial Pipeline attack, the TSA (yes, they are responsible for pipeline security-don’t ask) issued a somewhat misguided set of rules to pipeline owners. Those rules were updated a couple of months later, but at least there is some activity. Actually quite […]
Continue reading → [DISPLAY_ACURAX_ICONS]The U.S. government released its widely anticipated National Cybersecurity Strategy on Tuesday, pushing mandatory regulation on critical infrastructure vendors and green-lighting a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and ransomware actors. The strategy is just that, a roadmap. While parts of it can be done without Congress’ approval, lots of it require additional authority. […]
Continue reading → [DISPLAY_ACURAX_ICONS]Mergers and acquisitions are a time to tread carefully. While all M&A teams review financials, sales projections, key personnel, etc., it is much less likely that the review includes examining the code base being acquired for vulnerabilities. That is probably not a good decision. Synopsys sells a service to review software during mergers and acquisitions […]
Continue reading → [DISPLAY_ACURAX_ICONS]European Governments Want to be Able to Snoop on ALL of Our Communications As is usually the case, their excuse it that “it is to protect the children”. They want to break encryption while sprinkling magic fairy dust to not break encryption (an impossibility) in an effort to force kiddie porn traders (now called child […]
Continue reading → [DISPLAY_ACURAX_ICONS]