The folks over at The Parallax write that time is running out on a U.S. spy law that allows the National Security Agency to run its most controversial surveillance programs, with no clear replacement plan in place.
Podcast: Play in new window | Download (Duration: 1:06:17 — 75.9MB)Subscribe: Android | Email | Google Podcasts | RSSIn our latest podcast: the ride sharing firm Uber finds itself on the wrong side of a Florida Man story after paying $100,000 in hush money to a man from The Sunshine State who stole information on 57 million Uber customers. We speak with Katie Moussouris about how the company’s actions could affect the future of the young vulnerability disclosure industry. Also: with BitCoins trading for $16,000 each, Wandera researcher Dan Cuddeford joins us to talk about mobile crypto-jacking schemes that hijack mobile devices to mine crypto currencies. And we invite Alan Brill of the firm Kroll back to discuss recent House of Representatives hearings on the future of authentication in an age of rampant data sharing and data theft.
The days of logging into a web site or application with nothing more than facts stored in your brain are nearing their end, pushed to extinction by the unrelenting pace of information sharing online and an equally unrelenting storm of data breaches that expose that data.
In-brief: emboldened by media attention for its escapades in the U.S. Presidential election, the hacking crew known as “Fancy Bear” is targeting political parties in France as well as Germany, the firm Trend Micro reported on Tuesday – the latest evidence of meddling in foreign affairs. (Editor’s note: updated to add comment by Michael Sulmeyer, Director of the Cyber Security Project at Harvard University’s Belfer Center. PFR Apr 25 2017.)
The problems that surround cyber attribution came into sharp relief in recent weeks, as the Department of Homeland Security and FBI attempted to pin attribution for the hacking of Democratic party organizations on hackers affiliated with the government of Russia, with only mixed success. Attribution was again an issue after The Washington Post -citing the DHS and FBI report- said Russians had hacked their way into the U.S. electrical grid by way of a Vermont utility. That report was eventually walked back as more evidence emerged about the incident. Pointing the finger of blame – it turns out – is easier said than done in matters of cyber espionage and cyber war. Now the folks over at Cyberscoop point to a new bill designed to boost the government’s ability to do cyber attribution and foster government-industry ties. New cybersecurity legislation aims to bolster the U.S. government’s attribution capabilities as well […]