In-brief: In an interview with Security Ledger Editor in Chief Paul Roberts, Chenxi Wang of the firm Twistlock talks about information security’s “Mr. Robot” problem and the need for standards for the Internet of Things.
In-brief: Smart TV maker VIZIO agreed to pay $2.2 million to the FTC and the State of New Jersey to settle charges that it collected the viewing history of some 11 million smart televisions without users’ consent. The settlement stems from a 2014 case and requires the company to “prominently disclose and obtain affirmative express consent” for data collection and sharing.
In-brief: In our inaugural Security Ledger Live, we speak with Lance James, the Chief Scientist at the firm Flashpoint, about ransomware, the care and feeding of security talent and the news of the week.
In-brief: The folks at Trend Labs take apart the recent EyePyramid malware attacks on high-profile targets in Italy to talk about the risk of doing cyber attribution badly, and whether it's even worthwhile.
The problems that surround cyber attribution came into sharp relief in recent weeks, as the Department of Homeland Security and FBI attempted to pin attribution for the hacking of Democratic party organizations on hackers affiliated with the government of Russia, with only mixed success. Attribution was again an issue after The Washington Post, citing the DHS and FBI report, said Russians had hacked their way into the U.S. electrical grid by way of a Vermont utility. That report was eventually walked back as more evidence emerged about the incident. Pointing the finger of blame, it turns out, is easier said than done in matters of cyber espionage and cyber war. Now the folks over at Cyberscoop point to a new bill designed to boost the government’s ability to do cyber attribution and foster government-industry ties. New cybersecurity legislation aims to bolster the U.S. government’s attribution capabilities as well […]