The SEC drops its 2023 case against SolarWinds and its CISO Tim Brown, which alleged they concealed vulnerabilities ahead of the Russia-linked 2020 cyberattack
Chris Prentice / Reuters :
Sources and docs: the US DOJ charges Peter Williams, ex-director of zero-day vendor L3Harris' Trenchant, with stealing trade secrets to sell to a Russian buyer
A director at a company that sells computer vulnerabilities has been charged with stealing secrets to sell to an unspecified buyer in Russia …
A live blog of Twitter whistleblower Peiter “Mudge” Zatko's testimony before the Senate Judiciary Committee
Twitter whistleblower Peiter “Mudge” Zatko is scheduled to appear Tuesday morning before the Senate, as his allegations of widespread security vulnerabilities ignite …
In a policy shift, the US Department of Justice plans to stop prosecuting good-faith security research that would have violated the Computer Fraud and Abuse Act
to choose not to prosecute security research as a violation of the Computer Fraud and Abuse Act. “The policy for the first time directs that good-faith security research should not be charged.” https:...
Leaked FTI Consulting report: investigators found a suspicious encrypted file on Jeff Bezos' iPhone, causing data transfers to jump by ~29,000%, but no malware
In February of 2019, intelligence information warning … Amy Thomson / Bloomberg : Facebook Says Bezos Hack Highlights Smartphone Vulnerabilities Stephen E. Arnold / Beyond Search : Irony, Outrage, Spe...
Hertz sues Accenture for delays, poor design, security vulnerabilities and performance problems of its website and mobile app redesign, for which it paid $32M
Kieren McCarthy / The Register :
Security researchers and reporters hesitate to report vulnerabilities fearing defamation lawsuits and other legal action
Zack Whittaker / ZDNet :
Intel faces at least three class action lawsuits over Spectre and Meltdown vulnerabilities, while additional claims may come from big cloud service providers
Samuel Gibbs / The Guardian :
Password manager maker Keeper sues Ars Technica and reporter Dan Goodin for story on a vulnerability in Keeper software, first highlighted by Google researcher
the company behind the product— is suing Dan and Ars. In the extraordinary complaint, Keeper says Dan ‘intended’ to cause harm http://www.documentcloud.org/ ... via @zackwhittaker http://twitter.com/....
FireEye takes security firm to court over vulnerability disclosure
A spat between two security companies shows just how sensitive reporting software vulnerabilities can be, particularly when it involves a popular product. — The kerfuffle between FireEye and ERNW, a...