This week we bring the Quebec chapter of the CFAA (the ACAI in French) to the podcast to introduce us to their 2024 winner of the Above and Beyond Award! The first part is in French and then I offer a summary translation at the end for those who didn't -quite- catch it all! Thanks to Raphael for taking the reins and leading the interview in my SECOND language! Hosted on Acast. See acast.com/privacy for more information.
This week, we talk to Suzanne Alfano (Executive Director of the CFAA) and Stephen Ames (past President and currently working on the ISO certification project for the CFAA) about the contemplated certification to ISO standard 17024. We discuss the process and where we are so far in this journey.
On this Year-End episode, I have asked a few of my past guests and also Suzanne Alfano, Executive Director of the CFAA, and Jordan Klemick, Current President of the CFAA, to give us a year-end summary of what we are doing at the executive committee level and what we have planned in 2025. I was also able to bring on Cathy and Mark, who have been on the podcast in the past and have roles within chapters of the CFAA. I wish you all a Happy New Year and we will see you on the road somewhere in Canada or you will continue to hear us on the podcast. Thanks for listening this year and for continuing to spread the word on the podcast to all of your fellow fire alarm technicians, engineers, managers and AHJs. See you in 2025 with season 2 of the CFAA Fire Alarm Technician's Podcast!
The Electronic Frontier Foundation, long-time critics of the Computer Fraud and Abuse Act, followed Weev's trial - but did not get involved. For the appeal, however, the organization decided to step in. But although the EFF had some strong points against the CFAA - the justices, apparently, had something very different on their mind.
Part 2 of our behind-the-scenes look at the CFAA board of directors and committees. This episode focuses on the technicians and how you as a tech can get involved, what the levels of membership in the CFAA look like, and other topics of interest to our technician members.
This week, we take a look 'behind the curtain' of the CFAA Boards and Committees and see how the sausage is made! We will dive into each of the committees and see how they all work together to make the engine run for the CFAA.
This week's episode is with Randy Panesar from Durham College and we go over where we were, where we are, and where we are going in education for fire alarm systems in Canada.
On podcast 202 of the Security box, we revisit a topic that we think isn't doing any good today. That is, the Computer Fraud and Abuse Act. We take from Wikipedia's article discussing it, and we discuss whether it's worth having it or doing something else. We also covered the news and the landscape, and yes, we had people out and about this week. We push on. Enjoy the program and thanks for listening! Thanks to our affiliates for playing our program, and those that provide the content for publishing it. See you next time!
This week's Open Mic guest is Donnell Rehagen, CEO of Clean Fuels Alliance America. With an expanded mission of increased renewable fuel types and feedstocks, CFAA hopes to see expanded growth of renewable liquid fuels in the near future. Rehagen sees the industry's potential beyond the 4.6 billion gallon industry as it stands today with growth in industrial, transportation and sustainable aviation fuel, but feedstock availability and government regulations have proven formidable headwinds for industry growth. CFAA applauds Agriculture Secretary Tom Vilsack's call for information to develop sustainable agriculture practices to help qualify crops as feedstocks for the Treasury Department's 45Z rules and tax credits.
This episode of the Fire Sprinkler Podcast is my conversation with Tim Renaud. Tim is the host of the new (ish) CFAA Fire Alarm Technicians Podcast, where he digs into various aspects of the Fire Alarm Industry. Based out of Vancouver BC, Canada, Tim's podcast talks various installation techniques, products, and aspects of the fire alarm industry of concern! Enjoy!
On this episode of the Commercial Real Estate Podcast, hosts Adam Powadiuk and Aaron Cameron speak with Tony Irwin, Director and Interim President at the Canadian Federation of Apartment Associations (CFAA). Topics covered include:
How CFAA shapes the Canadian rental housing landscape
Changing the perspective toward rental housing
The long road to GST reforms and...
This week on Haunt Weekly, we're donning our hazmat suits and diving deep into the two lawsuits filed by Russ McKamey of McKamey Manor fame. What is he suing for? How solid are his arguments? How could these lawsuits impact the haunt industry? We're going to discuss all that and much more.
This Week's Episode Includes:
1. Intro
2. Work We Did on the Haunt
3. Question of the Week
4. Disclosures and Background
5. Analysis of AG/Fire Marshal Lawsuit
6. Analysis of the Hulu Lawsuit
7. Conclusions
All in all, this is one episode you do NOT want to miss!
Get in Touch and Follow Us!
Facebook: @HauntWeekly
Twitter: @HauntWeekly
YouTube: @HauntWeekly
Email: info@hauntweekly.com
Roku stops its users watching TV until they accept a new ToS, the line between journalism and computer fraud and abuse, and when using jumbo frames on a network makes sense. Plug: Support us on Patreon and get an ad-free RSS feed with early episodes sometimes. News: Roku disables players and TVs with […]
Guests:
Katie Noble, Director, PSIRT and Bug Bounty at Intel Corporation. On LinkedIn | https://www.linkedin.com/in/katie-trimble-noble-b877ba18a/
Harley Geiger, Founder and Coordinator, Security Research Legal Defense Fund. On LinkedIn | https://www.linkedin.com/in/harleylorenzgeiger/
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Episode Notes
In this episode of the Redefining CyberSecurity podcast, host Sean Martin is joined by Katie Noble, Director of Product Security and Communications at Intel Corporation, and Harley Geiger, a cybersecurity attorney at Venable LP. The episode provides a deep dive into the realm of vulnerability disclosure and the corresponding laws that shape its dynamics.
The insightful conversation unveiled vulnerability disclosure as a toolbox for receiving vulnerabilities from diverse sources and then subsequently identifying, mitigating, and disclosing them. Both Noble and Geiger highlighted the importance of this process in creating a more secure digital ecosystem. However, they identified some challenges, which include technical literacy, uneven state laws, clarity on good-faith security research, and sanctions that restrict conversation about vulnerabilities with certain entities.
Furthering the discussion, they touched upon the implications of AI and services provided through APIs on vulnerability disclosure. They acknowledged AI as an enabler which necessitates creative thinking about new tools for infrastructure security. They also highlighted potential issues with cloud services and AI, along with the growing practice of identifying non-security harms such as bias and discrimination through similar disclosure processes.
While discussing the role of regulations and policies, Noble and Geiger stressed these aid in setting security standards and issuing regulatory compliance. They emphasized that understanding regulation as a net good and engaging proactively with policy formulation can result in better product security.
The episode concluded with insights on how regulatory improvements could reduce liability and move the space forward. This includes improvements in state law, clarification around AI, and easing sanctions to allow dialogue around vulnerabilities.
This episode is a discussion with Mark Wilson on some of the changes to S536. Let us know what you think at marketing@cfaa.ca Do you want to get more involved in the CFAA? We need you! Please reach out at marketing@cfaa.ca and we can get you in touch with some of our committees to see what works best for you and your schedule.
A recent study by Purdue University, in partnership with the United Soybean Board, shows no statistically significant relationship between increased use of soybean oil in biofuel production and retail food prices for consumers. Over the past decade, the amount of soybean oil used in biofuel production has quadrupled. Until recently, though, retail prices for soybean oil – an ingredient for margarine, cooking oils, and salad dressings – have remained stagnant. In this episode of Fueling Conversations, Jayson Lusk, distinguished professor and head of agricultural economics at Purdue University and director of its Center for Food Demand Analysis and Sustainability, discusses creating an economic model to identify the effects of shifts in demand for soybean oil in biofuels on food prices. Visit ag.purdue.edu/cfdas/ or cleanfuels.org for more information. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
As the U.S. continues to set goals to decarbonize the economy, engine manufacturers are facing some challenges including uncertainty surrounding new technologies and infrastructure. In this episode of Fueling Conversations, Allen Schaeffer, executive director of the Diesel Technology Forum, expands on some of these challenges and how clean fuels can continue to play an immediate role in decarbonization efforts. Visit dieselforum.org or cleanfuels.org for more information.
Dana Wentzel Piscopo, CPRC, CFAA, CSRC, MVLCE talks about helping others through sobriety. She's an enthusiastic sobriety and recovery coach with a unique whole-self approach ready to partner with people to find that colorful moxie within through joyful connection and engaging, individual-focused sessions. https://www.linkedin.com/in/dana-wentzel-piscopo-sobriety-and-recovery-coach https://www.coloryourlifellc.com/
The Biobased Academy is a comprehensive training program that aims to educate fleet and facility professionals and technicians on the operational, health, safety, and environmental benefits of biobased fleet and facilities products. Clean fuels are promoted through the program. This episode of Fueling Conversations features Bailey Arnold, director of clean air initiatives with the American Lung Association. He discusses the organization's role in partnership with the United Soybean Board in the Biobased Academy training program. He also discusses working with state soybean groups to promote B20 Clubs in Illinois and Indiana to showcase fleets with experience using B20 or higher biodiesel blends. For more information visit Lung.org, BiobasedAcademy.org, B20ClubIndiana.org, B20Club.org, and CleanFuels.org.
Founded 55 years ago, Casey's General Stores has a commitment to providing safe, reliable, and sustainable fuels. In recent years, the company has taken steps to expand alternative fuel options and is now offering biodiesel at more than 1,000 locations across its footprint. In this episode of Fueling Conversations, Nathaniel Doddridge, vice president of fuels for Casey's, discusses how the company is rooted in rural communities in the Midwest, making it natural to support a Midwest soy-based biodiesel industry.
This episode of Fueling Conversations features Joy Gardner, the executive director of Empire Clean Cities, an environmental non-profit organization and the designated U.S. Department of Energy Clean Cities Coalition for New York City and the Lower Hudson Valley. She'll discuss the immediate role that clean fuels can play in addressing environmental concerns and outline how even though the coalition takes a “fuel agnostic” approach in utilizing all available tools to meet carbon reduction goals, it recognizes the impact biodiesel and renewable diesel can make now and in the future.
The U.S. Department of Agriculture has several Rural Development Energy Programs aimed at increasing production of advanced biofuels and expanding the infrastructure for clean fuels like biodiesel derived from U.S. agricultural feedstocks. In this episode of Fueling Conversations with Clean Fuels Alliance America, Rural Business-Cooperative Service Administrator Karama Neal discusses the Higher Blends Infrastructure Incentive Program and Advanced Biofuel Payment Program. For more information visit rd.usda.gov or cleanfuels.org.
Axolotls are territorial, regenerative, and maybe hold the secret to eternal youth. Oh, and they're suuuuper cute. In this episode, we share 10 cool facts about axolotls, then we share our interview with Dr. S. Randal Voss. Dr. Voss is one of the leading experts on axolotls, and he shares all sorts of facts about what makes them unique, why they are critically endangered in the wild, and how kids can help protect them. Find out more about Dr. Voss's lab here: http://www.vosslab.com If you want to financially support our podcast, you can do so here: https://www.patreon.com/coolfactsaboutanimals Want some CFAA merch? Get it here: https://www.zazzle.com/store/coolanimalspod/products
Fueling Conversations: Biodiesel's Use During Hurricane Recovery
Wednesday's AOA began with Darin Newsom, Senior Market Analyst at Barchart, who shared his insights on yesterday's corn market move and the flush of longs in the natural gas market. In segment 2, Lucas Fuess, Rabobank's Senior Dairy Analyst, reviewed the fundamentals of the dairy industry, both domestically and internationally. Infrastructure was the topic in segment 3, with Dr. Martin Doyle, Director of the Water Policy Project at Duke University, outlining the risks to dams across the country. And AOA closed with Kurt Kovarik, VP of Federal Affairs for Clean Fuels Alliance America, who had testified yesterday in front of the EPA about their volume requirements for biodiesel, and he explained CFAA's frustration.
In this episode, one of the most fearsome predators of all time and a living tank go head-to-head. Yes, the T-Rex and the Ankylosaur battle! Before these two face off, we learn key facts to better predict who will take the crown. Which was faster? Which was smarter? Which was best equipped to survive? We gave a few different battle scenarios. What do you think would have happened? Send us an email at coolfactsaboutanimals@gmail.com with your answers, and we will send you a bookmark. We also want to hear from you if you solved our riddle or if you did the kid power challenge. Thank you to Murphy and Eli for being our Patreon sponsors! If you'd like to be a Patreon sponsor, you can check out our page here. https://www.patreon.com/coolfactsaboutanimals The holidays may be over, but you can still show your CFAA pride. Check out our gear store here. https://www.zazzle.com/store/coolanimalspod
If you are a regular listener of our show, you know that we LOVE cats – we even have three! In this episode, we learn all about domestic cats – how smart they are, how much they sleep, how well they communicate, some strange jobs they've had, and of course, how cute they are! Thanks to our Patreon sponsors, Maelynn, Coralynn and Atesh! If you'd like to help financially support us – and get a shout out on our show – head here. Also, with the holidays coming up, now is a good time to show your CFAA pride! Get your merch here. Finally, if you want to answer our creature quiz, guess our riddle, or do the Kid Power, let us know and we will send you a bookmark! Email us at coolfactsaboutanimals@gmail.com.
The Justice Department recently announced the issuance of a revised internal policy for charging cases brought under the Computer Fraud and Abuse Act (CFAA), our nation's main computer crime statute. This revised policy was issued in the wake of the Supreme Court case of United States v. Van Buren, which held that the CFAA's “exceeds authorized access” provision does not cover those who have improper motives for obtaining information that is otherwise available to them. Additionally, the new DOJ policy for the first time directs federal prosecutors that good-faith security research should not be charged under the CFAA, but also acknowledges that claiming to be conducting security research is not a free pass for those acting in bad faith.
Does the new DOJ charging policy strike a reasonable balance between privacy and law enforcement interests? Do its protections for security research go far enough, or do they extend too far? In the wake of Van Buren and this policy, does the federal government have adequate tools to address insider threats, especially where such threats are focused on invasions of privacy and confidentiality instead of being motivated by financial gain?
Join us as our panel of experts breaks down these questions.
Featuring:
--Prof. Orin Kerr, William G. Simon Professor of Law, University of California, Berkeley School of Law
--Prof. Michael Levy, Adjunct Professor of Law, Penn Carey Law, University of Pennsylvania
--[Moderator] John Richter, Partner, King & Spalding
Episode 242 where we talk about the GTA hack, Harmonix’s tragic Rhythm game, the change to the CFAA, and we feature a returning special guest: N3rdNextDoor! Join the conversation with us LIVE every Tuesday on twitch.tv/2nerdsinapod at 9pm CST. Viewer questions/business inquiries can be sent to 2nerdsinapodcast@gmail.com Follow us on twitter @2NerdsInAPod for gaming news! […]
0:41 - Peter's Introduction
2:56 - SSi Background
4:52 - Greensol & Clean Agent Protection
9:20 - SNAP (Significant New Alternative Policy) / Eco-Friendly
11:05 - What is FirePASS?
16:47 - Secondary Systems?
17:44 - Room Integrity & FirePASS
23:30 - SSi Battery Solution & Lithium-Ion Fires
26:50 - Peter's Experience as an Executive Director of the CFAA
29:20 - Importance of Standardized Documentation
33:43 - Peter's Perspective as a Firefighter & Industry Professional
37:22 - Technology Adoption in the Industry
40:15 - Quick Response Round
43:34 - Final Thoughts
When Lock and Code host David Ruiz talks to hackers—especially good-faith hackers who want to dutifully report any vulnerabilities they uncover in their day-to-day work—he often hears about one specific law in hushed tones of fear: the Computer Fraud and Abuse Act. The Computer Fraud and Abuse Act, or CFAA, is a decades-old hacking law in the United States whose reputation in the hacker community is dim. To hear hackers tell it, the CFAA is responsible not only for equipping law enforcement to imprison good-faith hackers, but also for many of the legal threats that hackers face from big companies that want to squash their research. The fears are not entirely unfounded. In 2017, a security researcher named Kevin Finisterre discovered that he could access sensitive information about the Chinese drone manufacturer DJI by utilizing data that the company had inadvertently left public on GitHub. Conducting research within rules set forth by DJI's recently announced bug bounty program, Finisterre took his findings directly to the drone maker. But, after informing DJI about the issues he found, he was faced not with a bug bounty reward, but with a lawsuit threat alleging that he violated the CFAA. Though DJI dropped its interest, as Harley Geiger, senior director for public policy at Rapid7, explained on today's episode of Lock and Code, even the threat itself can destabilize a security researcher. "[It] is really indicative of how questions of authorization can be unclear and how CFAA threats can be thrown about when researchers don't play ball, and the pressure that a large company like that can bring to bear on an independent researcher," Geiger said. Today, on the Lock and Code podcast, we speak with Geiger about other hacking laws that can be violated when conducting security research, how hackers can document their good-faith intentions, and the Department of Justice's recent decision to not prosecute hackers who are only hacking for the benefits of security.
You can also find us on Apple Podcasts, Spotify, and Google Podcasts, plus whatever preferred podcast platform you use. Show notes and credits: Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com) Licensed under Creative Commons: By Attribution 4.0 License http://creativecommons.org/licenses/by/4.0/ Outro Music: “Good God” by Wowa (unminus.com)
On May 19, the Department of Justice announced a new policy concerning how it will charge cases under the Computer Fraud and Abuse Act, or CFAA, the primary statute used against those who engage in unlawful computer intrusions. Over the years, the statute has been criticized because it has been difficult to determine the kinds of conduct it criminalizes, which has led to a number of problems, including the chilling of security research.
Stephanie Pell sat down with Andrea Matwyshyn, professor of law and associate dean of innovation at Penn State Law School, to discuss DOJ's new charging policy and some of the issues it attempts to address. They talked about some of the problems created by the CFAA's vague terms, how the new charging policy tries to protect good faith security research, and the significance of the requirement that prosecutors must now consult with the Computer Crimes and Intellectual Property section at main Justice before charging a case under the CFAA.
Developers want bug-free code -- it frees up their time and is easier to maintain. They want secure code for the same reasons. Matias Madou joins to talk about how the definition of secure coding varies among developers and appsec teams, why it's important to understand those perspectives, and how training is just one step towards building a security culture. This week in the AppSec News: OWASP Top 10 for Kubernetes, Firefox improves security with process isolation, CNCF releases guidance on Secure Software Factories and Cloud Native Security, & the DOJ clarifies its policy on CFAA! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw198
This week in the AppSec News: OWASP Top 10 for Kubernetes, Firefox improves security with process isolation, CNCF releases guidance on Secure Software Factories and Cloud Native Security, & the DOJ clarifies its policy on CFAA! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw198
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast PEBCAK - Acronym of “problem exists between chair and keyboard.”
Today we will be talking about cybersecurity in the news, we also have the return of our “Blindspotting” segment, and some “Protect ya Neck” news. Next, we will discuss the Department of Justice's recent announcement that it will no longer prosecute good faith researchers for violation of the Computer Fraud and Abuse Act. Then finally, we will be handing out a cybersecurity award. You can visit the show's website at www.nothingabout.com
Today's menu:
The Hungarian figure is in: it costs 540 million forints for a company to recover from a virus attack
Ransomware gang hacks Costa Rica, asks residents to overthrow the government
National bank hit by ransomware trolls hackers
LittleSnitch bypass
Apple Private Relay bypass
Executives and their passwords
The US Department of Justice will not prosecute white-hat hackers under the CFAA
Apple M1 DMP prefetcher side-channel attack
QNAP urges users to update NAS devices to prevent Deadbolt ransomware attacks
Evil never sleeps: code execution on a powered-off Apple iPhone
Contact us: Telegram, Twitter, Instagram, Facebook, Mail: info@hackeslangos.show
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Conti's war against Costa Rica
DoJ revises CFAA guidance
Naughty kids get access to DEA portal
A look at a Russian disinfo tool
PyPI and PHP supply chain drama
Much, much more
This week's show is brought to you by Thinkst Canary. Its founder Haroon Meer will join us in this week's sponsor interview to talk about what might happen to infosec programs now the world economy is getting all funky. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.
Show notes
President Rodrigo Chaves says Costa Rica is at war with Conti hackers - BBC News
Costa Ricans scrambled to pay taxes by hand after cyberattack took down country's collection system
Costa Rican president claims collaborators are aiding Conti's ransomware extortion efforts
K-12 school districts in New Mexico, Ohio crippled by cyberattacks - The Record by Recorded Future
Greenland says health services 'severely limited' after cyberattack - The Record by Recorded Future
Notorious cybercrime gang Conti 'shuts down,' but its influence and talent are still out there - The Record by Recorded Future
'Multi-tasking doctor' was mastermind behind 'Thanos' ransomware builder, DOJ says - The Record by Recorded Future
Researchers warn of REvil return after January arrests in Russia - The Record by Recorded Future
Researcher stops REvil ransomware in its tracks with DLL-hijacking exploit | The Daily Swig
Bank refuses to pay ransom to hackers, sends dick pics instead • Graham Cluley
GoodWill ransomware forces victims to donate to the poor and provides financial assistance to patients in need - CloudSEK
Catalin Cimpanu on Twitter: "Report on a new ransomware strain named GoodWill that forces victims to perform acts of kindness to recover their files https://t.co/T0rhj5wjyC https://t.co/T92KPUJe61" / Twitter
Water companies are increasingly uninsurable due to ransomware, industry execs say
Department of Justice Announces New Policy for Charging Cases under the Computer Fraud and Abuse Act | OPA | Department of Justice
DEA Investigating Breach of Law Enforcement Data Portal – Krebs on Security
Intelligence Update. A question of timing: examining the circumstances surrounding the Nauru Police Force hack and leak
FSB's Fronton DDoS tool was actually designed for 'massive' fake info campaigns, researchers say
Sonatype PyPI blog post
Dvuln Labs - ServiceNSW's Digital Drivers Licence Security appears to be Super Bad
New Bluetooth hack can unlock your Tesla—and all kinds of other devices | Ars Technica
Researchers devise iPhone malware that runs even when device is turned off | Ars Technica
New Research Paper: Pre-hijacking Attacks on Web User Accounts – Microsoft Security Response Center
CISA issues directive for exploited VMware bug after IR team deployed to ‘large' org - The Record by Recorded Future
Hackers are actively exploiting BIG-IP vulnerability with a 9.8 severity rating | Ars Technica
Google, Apple, Microsoft Commit to Eliminating Passwords - Security Boulevard
Thinkst Canary
Last week, the Department of Justice announced it would no longer prosecute hackers doing “good faith” cybersecurity research like testing or investigating a system to help correct a security flaw or vulnerability. It’s a change in how the DOJ enforces the 1986 Computer Fraud and Abuse Act following a ruling last year by the Supreme Court in Van Buren v. United States that limited the scope of the CFAA. Riana Pfefferkorn, a research scholar at the Stanford Internet Observatory, spoke with Marketplace’s Kimberly Adams about how this is part of an ongoing policy shift for the Justice Department over the last few years. Your donation powers the journalism you rely on. Give today to support Marketplace Tech.
US Prosecutors Won't Charge White Hat Hackers Under New Policy (@JeffStone500). Got suggestions, complaints, or feedback? Tell us at podcast@secureideas.com. Or reach out on Twitter: Nathan Sweaney, Kevin Johnson, Secure Ideas. Join our Professionally Evil Slack Team. Our real jobs pay for our time to do this, so if you have opportunities around penetration testing or risk management, we'd love the chance to work with you!
Scraping data from public websites is legal. That’s the upshot of a decision by the Ninth Circuit Court of Appeals earlier this week. LinkedIn had taken a case against data analytics company hiQ, arguing it was illegal for hiQ to “scrape” users’ profile data to analyze employee turnover rates under the federal Computer Fraud and Abuse Act (CFAA). Tiffany Li, a technology attorney and professor of law at the University of New Hampshire, joins our host Meghan McCarty Carino to talk about how the CFAA fits into today’s world.
Security has truly gone mainstream. From late night television jokes to state governors not knowing how technology works, as a profession and a vocation, we have arrived. Jimmy Fallon has jokes about security on his show. What are the implications of out-of-date security laws that define what it is to “hack” systems? Keep in mind that some were written as much as 30+ years ago! Is it security's job to know all the tools in place? Or the business to approach security to help make their tools secure? Is viewing publicly available information or information pushed to your browser actually hacking, or is it legal/OK? Creating laws that stand the test of time is hard. And subject to lots of lobbying. CISO liability and visibility based on the prominence of the role. Does this lead to targeting to discredit? (Think: false social media profiles and deepfakes.) Offensive techniques and what happens when companies go offensive against attackers? Prevention as a growing tactic by security teams - especially when life is on the line in the products we make. SPAM: is it food or is it email? When is the right time to bring security into your startup? Weaving it in when it is young! We also have a video channel on YouTube that airs the "with pictures" edition of the podcast. Please head over to https://bit.ly/gsdyoutube and watch, subscribe and "like" the episodes.
Why the Computer Fraud and Abuse Act (CFAA) is ruining hacks for good. Guest: John Jackson (on Twitter)