Information security laws, investigations and ethics
Get news, advice and commentary on information security laws such as the CFAA, CAN-SPAM and CALEA. Learn about information security legislation, ethical vulnerability disclosure, digital surveillance laws and more.
Top Stories
- Tip, 28 Aug 2023: Should companies make ransomware payments?
  Once infected with ransomware, organizations face a major question: to pay or not to pay? Law enforcement recommends against it, but that doesn't stop all companies from paying.
- Tip, 14 Aug 2023: How to create a ransomware incident response plan
  A ransomware incident response plan may be the difference between surviving an attack and shuttering operations. Read key planning steps, and download a free template to get started.
- News, 21 Dec 2018: DOJ indicts two Chinese nationals for APT10 group cyberattacks
  The Department of Justice indicted two alleged members of the Chinese state-sponsored hacking group APT10, which hacked managed service providers to steal data from enterprises.
- News, 12 Dec 2018: Equifax breach report highlights multiple security failures
  An Equifax breach report, based on a government investigation, blamed the incident on multiple security failures and concluded the breach was preventable.
- Blog Post, 30 Nov 2018: Are US hacker indictments more than Justice Theater?
  New hacker indictments and U.S. Treasury Department sanctions highlight the disconnect between government action and real-world consequences for threat actors.
- News, 29 Nov 2018: SamSam ransomware actors charged, sanctioned by US government
  The FBI indicted two threat actors involved with the SamSam ransomware attacks, while the US Treasury sanctioned two others for their role in exchanging Bitcoin earned from attacks.
- Blog Post, 29 Nov 2018: Breaking down Dell's "potential cybersecurity incident" announcement
  Dell provided some information about a "potential cybersecurity incident" earlier this month, but it's unclear how the company and customers should be reacting.
- News, 28 Nov 2018: Botnet takedown snares 3ve, Methbot ad fraud campaigns
  The Justice Department indicted eight individuals accused of running major ad fraud campaigns, including the 3ve botnet, which generated millions of dollars in fake ad revenue.
- News, 14 Nov 2018: Cybercrime agreement signed by 50 nations, not U.S., China and Russia
  An international cybercrime agreement was signed by 50 nations and 150 companies in Paris, but the U.S., China and Russia were not part of the accord.
- News, 12 Oct 2018: Facebook breach affected 20 million fewer than thought
  The recent Facebook breach affected 20 million fewer accounts than was previously thought. The company now says 29 million accounts had data exposed to attackers.
- News, 05 Oct 2018: GRU indictment accuses 7 Russians in global cyberattacks
  The U.S., U.K. and other allies accused seven Russian military officers of cybercrimes around the world, and the GRU indictment from the U.S. formally pressed charges.
- Blog Post, 01 Oct 2018: FBI, DHS blaming the victims on Remote Desktop Protocol
  FBI and DHS call on users to mitigate Remote Desktop Protocol vulnerabilities and handle RDP exploits on their own, even as the "going dark" campaign continues unabated.
- Opinion, 25 Sep 2018: Why a unified local government security program is crucial
  When considering a local government cybersecurity program, companies must understand the dangers of not having one. Matt Pascucci explains why a program designed to monitor the public sector is crucial.
- News, 21 Sep 2018: Mirai botnet creators avoid jail time after helping the FBI
  News roundup: The Mirai botnet creators will not serve time in prison after they worked with the FBI. Plus, the Department of Defense updated its cyber strategy, and more.
- Feature, 28 Aug 2018: Diversity at cybersecurity conferences is too important to ignore
  Diversity at cybersecurity conferences became a hot topic in early 2018. Innovation Women founder Bobbie Carlton discusses why it takes more work to get women in security on stage.
- News, 24 Aug 2018: NSA leaker Reality Winner sentenced to five years in jail
  NSA leaker Reality Winner was sentenced to 63 months in prison for releasing classified documents detailing an attack by the Russian military against U.S. election systems.
- News, 23 Aug 2018: AI bias and data stewardship are the next ethical concerns for infosec
  AI bias and the need for data stewardship to prevent issues surrounding the trend of hoarding data are the next big ethical concerns for infosec, according to Laura Norén.
- News, 14 Aug 2018: Amanda Rousseau talks about computer forensics investigations
  Amanda Rousseau, aka Malware Unicorn, discusses her time in computer forensics investigations with the DoD, as well as the joys of reverse engineering malware encryption by hand.
- Podcast, 09 Aug 2018: Risk & Repeat: Can Disclose.io help protect vulnerability researchers?
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Disclose.io project and what it could mean for the future of security research and vulnerability disclosure.
- News, 03 Aug 2018: Disclose.io launches vulnerability disclosure 'safe harbor'
  News roundup: Disclose.io offers a legal bug bounty framework to give researchers safe harbor from legal action for vulnerability disclosures. Plus, Stamos exits Facebook, and more.
- Feature, 31 Jul 2018: Women in cybersecurity: How to make conferences more diverse
  The lack of women speaking at security conferences might be representative of the low number of women in cybersecurity, but efforts are finally being made to close the gender gap.
- Feature, 31 Jul 2018: Citrix's Peter Lefkowitz on impact of GDPR privacy requirements
  New consumer privacy laws are changing the global privacy landscape. Citrix's Peter Lefkowitz explains how Citrix is approaching GDPR compliance and privacy issues in general.
- Blog Post, 17 Jul 2018: Is the new California privacy law a domestic GDPR?
  The difference between data privacy protections afforded to European Union residents and people in the U.S. is more sharply highlighted now that the EU's General Data Protection Regulation has ...
- News, 13 Jul 2018: Endpoint security tool fueled OpenText's Guidance Software acquisition
  Endpoint security was the primary draw for OpenText's Guidance Software acquisition. But plans to improve e-discovery and data forensics with Magellan AI are part of the roadmap.
- News, 21 Jun 2018: Accused CIA leaker charged with stealing government property
  The DOJ has officially charged the accused CIA leaker, Joshua Schulte, with theft of government property and gathering national defense information in the Vault 7 case.
- Podcast, 21 Jun 2018: Risk & Repeat: New election security bill introduced
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Protecting American Votes and Elections Act of 2018, which requires paper ballots and audits.
- Podcast, 13 Jun 2018: Risk & Repeat: What do Google's AI principles mean for cybersecurity?
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Google's new principles for artificial intelligence and how they may impact the use of AI for cybersecurity.
- News, 08 Jun 2018: New MalwareTech indictment adds four more charges
  The U.S. government added four new charges against Marcus Hutchins in the MalwareTech indictment, but questions have surfaced about the legal standing of the new charges.
- News, 31 May 2018: Yahoo hacker sentenced to five years in prison for massive breach
  One of four Yahoo hackers was sentenced to five years in prison for his role in the massive 2014 breach, which included accessing millions of sensitive email accounts.
- Definition, 29 May 2018: counterintelligence
  Counterintelligence (CI) is the information gathered and actions taken to identify and protect against an adversary's knowledge collection activities or attempts to cause harm through sabotage or other actions.
- News, 24 May 2018: VPNFilter malware infects 500,000 devices for massive Russian botnet
  New malware, dubbed 'VPNFilter' by Cisco Talos, infects 500,000 devices and triggers action from the Justice Department, which seized and sinkholed the botnet's domain.
- News, 16 May 2018: Vault 7 leak suspect is a former CIA employee already in custody
  The U.S. government has identified a man already in custody on unrelated charges as the suspect in the Vault 7 leak, but it is unclear how much evidence supports the case.
- News, 20 Apr 2018: Keeper Security forms vulnerability disclosure program with Bugcrowd
  Following its controversial lawsuit against an Ars Technica security reporter, Keeper Security has teamed with Bugcrowd on a formal vulnerability disclosure program.
- Answer, 20 Apr 2018: Self-sovereign identity: How will regulations affect it?
  Will laws like GDPR and PSD2 force enterprises to change their identity management strategies? Expert Bianca Lopes talks regulations, self-sovereign identity and blockchain.
- News, 20 Apr 2018: Experts describe how hacking back can be done right
  A panel of experts at the RSA Conference all expressed support for the idea of hacking back against threat actors, but each offered caveats in hopes of minimizing collateral damage.
- News, 19 Apr 2018: Schneier talks cyber regulations, slams U.S. lawmakers
  Speaking at RSA Conference 2018, Bruce Schneier slammed U.S. lawmakers and Facebook in discussions on internet security regulations and technology policy.
- Conference Coverage, 11 Apr 2018: RSAC 2018: Special conference coverage
  Find out what's happening at the information security industry's biggest event with breaking news and analysis by the SearchSecurity team at the RSA Conference 2018 in San Francisco.
- Podcast, 06 Apr 2018: Risk & Repeat: New revelations in San Bernardino iPhone case
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the OIG report's findings on the FBI's effort to unlock the iPhone of one of the San Bernardino terrorists.
- News, 30 Mar 2018: OIG report on San Bernardino iPhone case criticizes FBI
  A new government report claims poor communication was to blame for the FBI's court case being filed against Apple despite a San Bernardino iPhone unlock method being almost ready at the time.
- News, 23 Mar 2018: CLOUD Act stirs tension between privacy advocates and big tech
  Privacy advocates criticize Congress for passing the CLOUD Act as part of the omnibus spending bill, while big tech companies have expressed support for the controversial legislation.
- News, 21 Mar 2018: Durov refuses to hand over Telegram encryption keys to FSB
  CEO Pavel Durov continued to assert that Telegram encryption keys will not be shared with the FSB, despite the Russian Supreme Court denying the company's appeal.
- Answer, 21 Mar 2018: When does the clock start for GDPR data breach notification?
  As new GDPR data breach notification rules go into effect, companies must be ready to move faster than before. Mimecast's Marc French explains what will change and how to cope.
- Guide, 20 Mar 2018: GDPR compliance requirements and how to best fulfill them
  Learn the details of the European Union's new regulations for data security and what your company needs to do now to meet them and avoid expensive penalties.
- Answer, 19 Mar 2018: What will GDPR data portability mean for enterprises?
  Enforcement of the EU's Global Data Protection Regulation is coming soon. Mimecast's Marc French discusses the big questions about GDPR data portability for enterprises.
- News, 16 Mar 2018: Following Equifax data breach, executive charged with insider trading
  News roundup: A CIO has been charged with insider trading after the Equifax data breach. Plus, Trump blocked Broadcom's acquisition of Qualcomm, and more.
- News, 06 Mar 2018: Equifax data breach affected 2.4 million more consumers
  The massive Equifax data breach affected even more people. The startling total is now 147.9 million U.S. consumers who had their information stolen by hackers.
- News, 02 Mar 2018: Cellebrite claims it can unlock Apple devices, but questions remain
  News roundup: Cellebrite claims it can unlock Apple devices, according to a Forbes report. Plus, iCloud encryption keys will now be stored in China, and more.
- Answer, 27 Feb 2018: How hard will the GDPR right to be forgotten be to get right?
  Under GDPR, the right to be forgotten is granted to all EU data subjects. Mimecast's Marc French explains why enterprises will need to be careful about how they manage the process.
- News, 22 Feb 2018: SEC cybersecurity disclosure rules get a guidance update
  The U.S. Securities and Exchange Commission introduced new SEC cybersecurity disclosure rules to prevent insider trading related to data breaches and other security incidents.
- News, 22 Feb 2018: GDPR data breach notification is just one piece of EU privacy puzzle
  With the EU's General Data Protection Regulation looming, Qualys' Darron Gibbard discusses GDPR data breach notifications and more about the EU's new privacy law.
- News, 08 Feb 2018: DoJ breaks up Infraud Organization with some help
  The U.S. Department of Justice announced the shutdown of the Infraud Organization, which authorities claim is responsible for global cyberfraud losses in excess of $530 million.
- News, 26 Jan 2018: FBI encryption argument draws fire from senator
  Sen. Ron Wyden challenged the FBI encryption argument and asked the FBI director to be transparent about claims that lawful access could be provided securely.
- News, 23 Jan 2018: Gemalto Sentinel flaws could lead to ICS attacks
  Security researchers found 14 vulnerabilities in Gemalto Sentinel hardware tokens, which could allow dangerous ICS attacks, including full-system takeover.
- News, 19 Jan 2018: Trisis ICS malware was publicly available after attack
  The Trisis ICS malware used in a cyberattack on an oil and gas company in Saudi Arabia in December has been publicly available for weeks after being copied by unknown actors.
- News, 16 Jan 2018: CIA attributes NotPetya attacks to Russian spy agency
  The CIA reportedly concluded that Russia's foreign intelligence agency created and was responsible for the NotPetya attacks against Ukraine in June.
- News, 09 Jan 2018: NIST botnet security report recommendations open for comments
  Federal agencies opened public comments on a draft botnet security report born from the 2017 White House cybersecurity executive order, and experts are generally favorable.
- Tip, 21 Dec 2017: A look at the key GDPR requirements and how to meet them
  Meeting the most important GDPR requirements is a great first step to compliance with the new regulation. Expert Steve Weil outlines how to get started on GDPR compliance.
- News, 20 Dec 2017: White House WannaCry attribution leaves unanswered questions
  The White House's WannaCry attribution included the broad strokes, experts say, but the case avoided some key pieces of information, such as the role of the NSA in the attacks.
- News, 19 Dec 2017: North Korea behind WannaCry attacks, White House says
  The White House officially said North Korea was behind the WannaCry attacks, and it credited Facebook and Microsoft for work in attribution. But it left questions unanswered.
- News, 14 Dec 2017: Mirai creators and operators plead guilty to federal charges
  The Department of Justice announced guilty pleas from the three Mirai creators and operators behind the massive worldwide botnet DDoS attacks in 2016.
- Opinion, 05 Dec 2017: Active Cyber Defense Certainty Act: Should we 'hack back'?
  With the proposal of the Active Cyber Defense Certainty Act, individuals would be able to 'hack back' when information is stolen. Matt Pascucci makes the case against the bill.
- News, 04 Dec 2017: Ex-NSA employee pleads guilty to removing classified data
  The former NSA employee reportedly responsible for exposing classified data to Russian government hackers pleaded guilty and faces a maximum of 10 years in prison.
- News, 01 Dec 2017: Proposed data breach legislation could put executives in jail
  Democratic senators have proposed data breach legislation that could lead to jail time for some executives who conceal breaches and fail to disclose them to consumers.
- News, 01 Dec 2017: Leaked NSA Ragtime files hint at spying on U.S. citizens
  Exposed data included new information on the NSA Ragtime intelligence-gathering program, but it is unclear if the evidence proves Americans were targeted.
- News, 01 Dec 2017: Yahoo data breach hacker pleads guilty to cybercrime charges
  One of the Yahoo data breach hackers pleaded guilty to his involvement in the attack. Plus, the FBI failed to notify U.S. officials that they were targets of Fancy Bear, and more.
- Podcast, 30 Nov 2017: Risk & Repeat: Uber data breach has implications for infosec
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Uber data breach, which was concealed by company officials, and the ethics of data breach disclosure.
- Tip, 30 Nov 2017: Data breach litigation: What enterprises should know
  Data breach litigation can be highly detrimental to an organization that just suffered a major security incident. Find out what kinds of legal action enterprises could face in the event of a data breach.
- Podcast, 21 Nov 2017: Risk & Repeat: Vulnerabilities Equities Process gets an update
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the new charter for the Vulnerabilities Equities Process and what it means for the infosec community.
- News, 20 Nov 2017: DOD exposed data stored in massive AWS buckets
  A security researcher at UpGuard found exposed data in Amazon Web Services' cloud storage buckets. And once again, the data belongs to the Department of Defense.
- News, 17 Nov 2017: Google bug bounty pays $100,000 for Chrome OS exploit
  An anonymous security researcher has once again earned the top Google bug bounty prize in the Chrome Reward Program for a Chrome OS exploit chain.
- News, 16 Nov 2017: Federal vulnerability review under new VEP still has questions
  Experts are still unsure about the Vulnerabilities Equities Process, but admit the new VEP Charter could be a good step toward improving federal vulnerability review.
- News, 15 Nov 2017: New VEP Charter promises vulnerability transparency
  The White House wants a more open Vulnerabilities Equities Process and has unveiled a new VEP Charter in order to promote transparency in bug reviews.
- News, 10 Nov 2017: Following Equifax breach, CEO doesn't know if data is encrypted
  News roundup: Following the massive Equifax breach, the CEO said he doesn't know if customer data is encrypted or not. Plus, flaws were found in IEEE's P1735 standard, and more.
- News, 09 Nov 2017: FBI hacking may have crossed international borders
  New court documents indicate an FBI hacking operation may have crossed international borders and infected systems in Russia, China and Iran.
- Answer, 06 Nov 2017: Monitoring employee communications: What do EU privacy laws say?
  The European Court of Human Rights recently placed strict regulations on monitoring employee communications. Matt Pascucci compares EU privacy laws to the U.S.'s standards.
- News, 02 Nov 2017: SAVE Act attempts to bolster election security
  Two senators introduced a bipartisan election security bill called the SAVE Act, which aims to improve voting infrastructure and harden state systems against attack.
- Blog Post, 31 Oct 2017: Is "responsible encryption" the new answer to "going dark"?
  "Three may keep a Secret, if two of them are dead." So wrote Benjamin Franklin, in Poor Richard's Almanack, in 1735. Franklin knew a thing or two about secrets, as well as about cryptography, given ...
- Definition, 31 Oct 2017: cyber attribution
  Cyber attribution is the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.
- News, 27 Oct 2017: Warning for Equifax security issues came months before breach
  A security researcher reportedly disclosed a number of Equifax security issues to the company months before the major data breach, and none of the problems were fixed.
- News, 25 Oct 2017: NSA cyberweapons report follows Kaspersky transparency plan
  A Kaspersky transparency initiative and a full code review of its products are on the way, and a new Kaspersky statement explained how NSA cyberweapons were uploaded to its servers.
- News, 13 Oct 2017: DOJ's 'responsible encryption' is the new 'going dark'
  News roundup: The DOJ calls for 'responsible encryption' to comply with court orders. Plus, there's more bad cybersecurity news for banks, and Accenture data in AWS gets exposed.
- News, 07 Oct 2017: NSA breach leads to theft of government spy software
  An NSA contractor became the target of a cyberattack after storing agency spying software on a personal device, and this NSA breach has caused a rise in fears regarding Russia.
- News, 05 Oct 2017: Equifax breach impact expands, blame game continues
  The Equifax breach impact expanded and the company's former CEO answered questions in a congressional hearing, but experts were not satisfied by the answers.
- News, 29 Sep 2017: Government data requests on the rise for Apple and Google
  One expert is concerned about the large increase in government data requests received by Apple and the effects this surveillance activity has on user privacy.
- News, 29 Aug 2017: Kaspersky-Russian ties still unclear, despite FBI push
  The specter of Kaspersky-Russian ties has reportedly led to an FBI campaign urging private organizations to drop Kaspersky Lab products; experts urge the FBI to share more evidence.
- Feature, 28 Aug 2017: Electronic voting systems in the U.S. need post-election audits
  Colorado will implement a new system for auditing electronic voting systems. Post-election audits have been proven to help, but are they enough to boost public trust in the systems?
- News, 17 Aug 2017: Authorities can't force smartphone access in iOS 11
  iOS 11 will allow users to avoid authorities attempting to force smartphone access by temporarily disabling biometric unlocking of mobile devices.
- Podcast, 16 Aug 2017: Risk & Repeat: MalwareTech indictment raises questions
  In this week's Risk & Repeat podcast, SearchSecurity editors explore the FBI's case against security researcher Marcus Hutchins, better known as MalwareTech.
- Feature, 11 Aug 2017: U.S. attorney: Gathering cybercrime evidence can be difficult
  An assistant U.S. attorney says jurors and courts are getting smarter about cybercrime evidence, although digital cases overall may be getting more difficult to prosecute.
- Feature, 09 Aug 2017: How FBI cyber investigations handle obfuscation techniques
  An FBI agent discusses cyber investigations, how they handle obfuscation techniques, the anonymizing features of the deep web and how to catch the right person.
- Feature, 08 Aug 2017: FBI: Cyber investigations no different from real world
  Despite a loud group claiming the burden of proof is harder to meet with digital evidence, an agent says FBI cyber investigations are not much different from traditional cases.
- News, 03 Aug 2017: MalwareTech arrested for Kronos banking Trojan connection
  The FBI arrested the famed security researcher known as MalwareTech after a two-year investigation into the creation and distribution of the Kronos banking Trojan.
- News, 02 Aug 2017: Hacking voting machines takes center stage at DEFCON
  DEFCON attendees were successful in hacking voting machines, and now that there is proof the systems are insecure, more work needs to be done to change election laws and practices.
- News, 01 Aug 2017: Experts debate Vulnerabilities Equities Process disclosure
  Experts debated how the government should weigh disclosure in the Vulnerabilities Equities Process and whether to err on the side of offense or defense.
- News, 25 Jul 2017: Fancy Bear C&C servers taken down by Microsoft lawsuit
  Experts applaud Microsoft for clever use of a lawsuit to claim command and control server domains used by the malicious Russian APT group Fancy Bear.
- News, 21 Jul 2017: Dark web markets' shutdown may lead to more arrests
  Cooperation between law enforcement agencies from around the world led to the shutdown of the AlphaBay and Hansa dark web markets and potential leads on illegal vendors.
- Podcast, 19 Jul 2017: Risk & Repeat: Kaspersky Lab removed from GSA Schedule 70
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss the Trump administration's removal of Kaspersky Lab from the GSA Schedule 70 for federal IT contracts.
- News, 26 Jun 2017: Security code reviews by Russian agencies cause concern
  Demands for security code reviews by Russia have been on the rise, and not all experts or U.S. companies want to comply with the requests.
- News, 02 Jun 2017: International data privacy laws create inconsistent rules
  A new cybersecurity law in China highlights the trend of inconsistent international data privacy laws being enacted around the world.
- News, 26 May 2017: Artificial intelligence data privacy issues on the rise
  End users are in the crosshairs of business data privacy issues, especially when it comes to information gleaned from artificial intelligence technologies.
- News, 26 May 2017: Target data breach settlement requires security improvements
  News roundup: The Target settlement following the 2013 data breach requires the company to adopt a stronger security program. Plus, experts knock the FCC's DDoS claim, and more.
- Podcast, 25 May 2017: Risk & Repeat: Microsoft slams NSA over EternalBlue
  In this week's Risk & Repeat podcast, SearchSecurity editors discuss Microsoft's sharp criticism of the NSA over the EternalBlue Windows vulnerability and WannaCry ransomware.