Thirteen cryptography leaders and pioneers published a paper warning of the economic and social pitfalls associated with the government’s desire for “exceptional access” to cryptographic keys.
Browsing Category: Government
Grant Wilcox, an ethical hacking degree candidate at the University of Northumbria in the U.K., said the Wassenaar Arrangement rules were one reason he decided not to publish exploits he developed for his dissertation.
Dennis Fisher and Mike Mimoso discuss the OS X and iOS patches, the potential for the new cyber UL project run by Mudge, and the lawsuit against OPM after its data breach.
The chairman of the powerful Senate Judiciary Committee is asking some pointed questions of the FBI director about the bureau’s use of zero-day vulnerabilities, phishing attacks, spyware, and other controversial tools. Sen. Charles Grassley (R-Iowa) has sent a letter to FBI Director James Comey asking for “more specific information about the FBI’s current use of[…]
A class-action lawsuit filed by a government employees’ union against the Office of Personnel Management as a result of the massive data breach at OPM that affects more than 18 million people alleges that not only did the agency know about vulnerabilities in its network long before the attack, but that the agency’s director and[…]
The Office of Personnel Management announced yesterday that it is temporarily suspending the system it uses to conduct government background checks.
UPDATE–One of the longstanding problems in security–and the software industry in general–is the lack of any universally acknowledged authority on quality and reliability. But the industry moved one step closer to making such a clearinghouse a reality this week when Peiter Zatko, a longtime researcher and hacker better known as Mudge in security circles, announced[…]
Authorities in six different countries worked together last week to take down a cybercrime ring which ultimately infected tens of thousands of computers with Zeus and SpyEye malware and made off with roughly $2.25 M dollars from banks in the process.
NIST officially has removed the controversial and compromised Dual_EC_DRBG from its list of recommended algorithms for generating random numbers.
Analysts at Recorded Future said they found stolen credentials from 47 government agencies on a number of paste sites.