The Office of Personnel Management was warned as recently as November of numerous system vulnerabilities and governance weaknesses.
Browsing Category: Government
Bug bounties and rewards programs provide researchers with a measure of income, and if the proposed Wassenaar rules are implemented in the U.S., that initiatives could be adversely impacted.
The OPM hack may indeed extend to security clearance data, in addition to personal information belonging to four million federal workers.
A new set of memos uncovered by Edward Snowden and shared with both the New York Times and ProPublica this week reveal how the Obama administration upped its search for hackers and expanded its warrantless surveillance program.
It’s been two years now since the first stories about NSA surveillance capabilities began to appear, and the environment has shifted dramatically in that time. Awareness of and resistance to mass surveillance has increased greatly, but the changes to policy and laws that many observers had hoped for haven’t necessarily emerged. A new report from Privacy[…]
The United States and Japan have agreed to cooperate more closely on cybersecurity and information sharing initiatives as a way to help both countries defend against future threats and attacks. The new initiative will include a variety of components, most notably cooperation during serious incidents, cooperation between the two countries’ cybersecurity and defense units, and[…]
Now that provisions in Section 215 of the PATRIOT Act allowing for bulk collection of phone metadata have been shot down, all eyes turn to the USA FREEDOM Act.
Influential security researchers have begun publishing their comments, objections and concerns regarding the proposed U.S. export control rules under the Wassenaar Arrangement.
Users of the Internal Revenue Service’s Get Transcript service are at risk for identity theft after hackers accessed tax records belonging to more than 100,000.
Experts point out that the proposed Wassenaar rules in the U.S. leave unanswered questions regarding exploit development and the use of commercial penetration testing tools.