Data Breach

• newColorado Privacy Act: What Businesses Need to Know
  Unlike the CPRA, the CPA does not grant consumers a private right of action for data breaches or any other violations. Instead, only the Colorado AG ...
  - 5 hours ago 26 Jul 21, 10:18pm -
• newCybersecurity experts advise after DEO security data breaches
  On July 16, 2021, the department learned of a data security incident involving potentially fraudulent activity related to claimant accounts within the ...
  - 5 hours ago 26 Jul 21, 10:18pm -
• new'Freeze your credit report': Cybersecurity expert advises after DOE security data breach
  On July 16, 2021, the Department learned of a data security incident involving potentially fraudulent activity connected to claimant accounts within the ...
  - 5 hours ago 26 Jul 21, 9:56pm -
• newToo much data and not enough fraud prevention; biometrics and micro-identities could help
  More consumers see one-time passwords, two-factor authentication and answering 'secret' questions as providing both security and convenience ...
  - 5 hours ago 26 Jul 21, 9:56pm -
• newSmall Updates from the California Attorney General Create Major CCPA Impacts
  ... outside of a relatively narrow exception to bring suit in the event of a data breach, there is no consumer private right of action under the CCPA.
  - 6 hours ago 26 Jul 21, 9:42pm -

Krebs On Security

• newPlugwalkJoe Does the Perp Walk

  

  One day after last summer's mass-hack of Twitter, KrebsOnSecurity wrote that 22-year-old British citizen Joseph "PlugwalkJoe" O'Connor appeared to have been involved in the incident. When the Justice Department last week announced O'Connor's arrest a…
  - 9 hours ago 26 Jul 21, 6:18pm -
• Serial Swatter Who Caused Death Gets Five Years in Prison

  

  A 18-year-old Tennessee man who helped set in motion a fraudulent distress call to police that lead to the death of a 60-year-old grandfather in 2020 was sentenced to 60 months in prison today.
  - 5 days ago 21 Jul 21, 7:59pm -

Naked Security

• newWindows “PetitPotam” network attack – how to protect against it

  

  A cute name but an annoying and potentially damaging attack. Here's what to do.
  - 15 hours ago 26 Jul 21, 12:10pm -
• US court gets UK Twitter hack suspect arrested in Spain

  

  O, what a tangled web we weave/When first we practise to deceive!
  - 3 days ago 23 Jul 21, 6:40pm -

CSO Online

• newBrandPost: Remote Working Changes Are Here to Stay. Are Your Networking Vulnerabilities?

  

  Bad actors are constantly changing and improving the efficacy of their methods, and that of course includes distributed denial-of-service (DDoS) attacks. But last year was unique: Instead of the hackers changing, the world changed for them, and…
  - 14 hours ago 26 Jul 21, 1:05pm -
• newThe state of security hiring: Jobs, skills & salaries

  

  It is probably fair to say that times have always been good for information security job candidates. But as American companies emerge from the restrictions of COVID-19 and face a new workplace ‘normal,’ times are especially good for job seekers,…
  - 18 hours ago 26 Jul 21, 9:00am -

FierceITSecurity

CIO Online

• AI in perspective: The risks, along with AI’s role to improve defenses

  

  As AI deployments proliferate for better decision making, they also present risks across a large spectrum – from job displacement and socioeconomic inequality, to automated bias, to data poisoning, privacy violations, and AI threats used by bad act…
  - 18 days ago 9 Jul 21, 9:00am -
• Redefining IT risk in post-pandemic world

  

  Antonio Vázquez sees the potential for problems everywhere.To read this article in full, please click here(Insider Story)
  - 36 days ago 21 Jun 21, 9:00am -

Homeland Security Today

• newDOJ and HHS Issue Guidance on ‘Long COVID’ and Disability Rights Under the ADA, Section 504, and Section 1557
  Some people continue to experience symptoms that can last weeks or months after first developing COVID-19. This can happen to anyone who has had COVID-19, even if the initial illness was mild.
  - 5 hours ago 26 Jul 21, 10:16pm -
• newVA Mandates COVID-19 Vaccines Among Its Medical Employees Including VHA Facilities Staff
  “We’re mandating vaccines for Title 38 employees because it’s the best way to keep Veterans safe, especially as the Delta variant spreads across the country,” McDonough said.
  - 5 hours ago 26 Jul 21, 9:53pm -

Graham Cluley Latest

• newWho us??? Kaseya says it hasn’t paid anybody for its ransomware decryption key
  Kaseya hasn't paid anyone for the decryptor it managed to get its paws on last week, and is offering to customers hit by a massive ransomware attack.Which only raises the question - who did?
  - 9 hours ago 26 Jul 21, 6:14pm -
• newAverage ransomware payments decline… but that’s not good news
  The latest research finds that ransomware attackers are attempt to extort, on average, a smaller amount of money through their criminal activities.
  - 9 hours ago 26 Jul 21, 5:52pm -

Multi-State Information Sharing Center

• Multiple Vulnerabilities in Mozilla Firefox Could Allow for Remote Code Execution
  ...
  - -
• Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
  ...
  - -

Network World

• What is Network as a Service (NaaS)?

  

  The day is coming when enterprise IT professionals will be able to order network infrastructure components from a menu of options, have them designed to fit their business needs, and have the whole thing delivered and running in perhaps hours.The…
  - 11 days ago 16 Jul 21, 11:56am -
• Ransomware recovery: Plan for it now

  

  If your computing environment is subject to a large ransomware attack, you will most certainly be enacting your disaster recovery (DR) plan. But before you begin restoring systems, you must first ensure you have stopped the infection, identified i…
  - 19 days ago 8 Jul 21, 10:00am -

Packet Storm Latest

• newRed Hat Security Advisory 2021-2881-01
  Red Hat Security Advisory 2021-2881-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.12.0. Issues addressed include man-in-the-middle, out of bounds write, and use-after-free vulnerabi…
  - 11 hours ago 26 Jul 21, 4:22pm -
• newGentoo Linux Security Advisory 202107-55
  Gentoo Linux Security Advisory 202107-55 - Multiple vulnerabilities have been found in libsdl2, the worst of which could result in a Denial of Service condition. Versions less than 2.0.14-r1 are affected.
  - 11 hours ago 26 Jul 21, 4:22pm -

NIST Latest in IT

• NISTs Network-of-Things Model Builds Foundation to Help Define the Internet of Things
  A new publication from the National Institute of Standards and Technology (NIST) provides a basic model aimed at helping researchers better understand the Internet of Things (IoT) and its security challenges.Credit: Natasha ...
  - 28 Jul 16, 12:10pm -
• Realizing the Potential of Quantum Information Science and Advancing High-Performance Computing
  The White House announced today a new report from the National Science and Technology Council on challenges, opportunities and the path forward in quantum information science, including a plan for high-performance computing.As described ...
  - 27 Jul 16, 2:38pm -

US- CERT Alerts

• AA21-201A: Chinese Gas Pipeline Intrusion Campaign, 2011 to 2013
  Original release date: July 20, 2021 | Last revised: July 21, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework, Version 9. See the ATT&CK for Enterprise for all referenced threat actor…
  - 7 days ago 20 Jul 21, 1:00pm -
• AA21-200A: Tactics, Techniques, and Procedures of Indicted APT40 Actors Associated with China’s MSS Hainan State Security Department
  Original release date: July 19, 2021 | Last revised: July 20, 2021SummaryThis Joint Cybersecurity Advisory was written by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) to provide information…
  - 8 days ago 19 Jul 21, 11:00am -

Cisco Security Alerts

• ISC BIND Subsequent RDATA Query Processing Remote Denial of Service Vulnerability
  HP has released an additional security bulletin and updated software to address the ISC BIND subsequent RDATA query processing remote denial of service vulnerability.
  - 1 Feb 16, 2:04pm -
• Network Time Protocol decodenetnum() Function Denial of Service Vulnerability
  IBM has released a security advisory and fixes to address the Network Time Protocol decodenetnum() function denial of service vulnerability.
  - 25 Jan 16, 1:43pm -

Cisco Event Responses

• Cisco Event Response: Kaseya VSA Security Incident
  - 22 days ago 4 Jul 21, 3:29pm -
• Cisco Event Response: April 2021 Cisco ASA, FMC, and FTD Software Security Advisory Bundled Publication
  - 89 days ago 28 Apr 21, 4:00pm -

HIPPA Omnibus Rule

• AvosLocker Ransomware Gang Recruiting Affiliates, Partners

  

  Malwarebytes: Gang Seeking 'Pentesters' and 'Access Brokers'A recently discovered ransomware-as-a-service gang dubbed AvosLocker is recruiting affiliates and partners, including "pentesters" and "access brokers," on darknet forums, according to the…
  - -
• 18 Companies to Participate in NIST 'Zero Trust' Project

  

  Firms Will Demonstrate Their Architectures to Help Agency Develop GuidanceNIST has selected 18 technology companies to demonstrate "zero trust" security architectures as it prepares to draft guidance for use of the model by federal agencies, which th…
  - -

• Kaseya Says It Did Not Pay Ransom to Obtain Universal Decryptor

  

  Software Firm Continues Helping Ransomware Victims to RecoverRemote management software company Kaseya said Monday that it obtained a universal decryptor key without paying a ransom to the REvil - aka Sodinokibi - gang that hit the firm with a ransom…
  - -
• Lawsuits Against CaptureRx Pile Up and So Do Victim Counts

  

  At Least 3 Lawsuits Filed So Far After Breach Affecting MillionsAnother lawsuit seeking class action status was filed last week against San Antonio-based NEC Networks - which does business as CaptureRx - in the aftermath of a hacking incident that no…
  - -
• HIPAA Omnibus Final Rule
  This package of regulations includes modifications to the HIPAA privacy, security, enforcement and breach notification rules, as required under the HITECH Act.
  - -
• HITECH Act Stage 2 EHR Incentive Program Software Certification Final Rule
  This rule establishes criteria for electronic health records software that qualifies for Stage 2 of the HITECH Act Electronic Health Record Incentive Program. The program, part of the economic stimulus package, is providing billions of dollars in Med…
  - -
• HITECH Act Stage 2 EHR Incentive Program Meaningful Use Final Rule
  This rule establishes criteria that hospitals and physicians must meet to qualify as "meaningful users" of electronic health records and receive further financial incentives in Stage 2 of the HITECH Act Electronic Health Record Incentive Program. The…
  - -
• FDA: Unique Device Identification System
  This proposed rule from the U.S. Food and Drug Administration would require unique identifiers on medical devices. While the rule aims to ease the collection and analysis of data about adverse health events and help detect counterfeit products, no pa…
  - -
• Live Webinar | The Kaseya Breach: What Can You Do About a Supply Chain Attack?
  - -
• Live Webinar | Solving Challenges of Modern Application Development with Java
  - -
• Live Webinar | Improve Cloud Threat Detection and Response using the MITRE ATT&CK Framework
  - -
• Live Webinar | Protecting Yourself From Your Supply Chain: A CISO Panel on Email Security
  - -
• Alert for Ransomware Attack Victims: Here's How to Respond
  As ransomware continues to pummel organizations, if they do get hit, then from an incident response standpoint, what are the essential steps they should take to smooth their recovery? Veteran ransomware-battler Fabian Wosar, CTO of Emsisoft, shares e…
  - -
• Analysis: Implications of the Pegasus Spyware Investigation
  This edition of the ISMG Security Report features an analysis of ongoing investigations into the use of NSO Group's Pegasus spyware to spy on dissidents, journalists, political rivals, business leaders and even heads of state - and discussion of whet…
  - -
• Overcoming Cyberthreat Intelligence-Sharing Hurdles
  While some organizations are improving their ability to share threat intelligence with other entities within the same sector, cross-sector cyber info collaboration is still often a hurdle. But cyber fusion centers can help to automate that process, s…
  - -
• Analysis: Changing Nature of Ransomware Attacks
  This edition of the ISMG Security Report features an analysis of comments from the former head of Britain's GCHQ intelligence agency, Robert Hannigan, on the changing nature of ransomware attacks. Also featured: Disrupting the ransomware-as-a-service…
  - -
• Ransomware: Average Ransom Payment Drops to $137,000
  Fewer Victims Paying Attackers Simply to Delete Stolen Data, Coveware ReportsGood news on the ransomware front: The average ransom paid by a victim dropped by 38% from Q1 to Q2, reaching $136,576, reports ransomware incident response firm Coveware. I…
  - -
• Has REvil Disbanded? White House Says It Doesn't Know
  Speculation Rages as Notorious Ransomware Operation Remains Quiet and OfflineWhat's up with REvil? Questions have been mounting since the notorious ransomware operation went quiet on July 13, not long after unleashing a mega-attack via remote managem…
  - -
• World Leaders Included on Alleged Spyware Targeting List
  NSO Group Refutes Alleged Targeting List - But How Does It Know Customers' Targets?Can NSO Group and other commercial spyware vendors survive the latest revelations into how their tools get used? The Israeli firm is again being accused of selling spy…
  - -
• Is Cryptocurrency-Mining Malware Due for a Comeback?
  If Ransomware Should Decline as a Viable Criminal Business Model, What Comes Next?The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history. But if the viability of ransomware as a criminal business mod…
  - -

Electronic Frontier Foundation | Deep Links

• EFF, ACLU Urge Appeals Court to Revive Challenge to Los Angeles’ Collection of Scooter Location Data
  Lower Court Improperly Dismissed Lawsuit Against Privacy-Invasive Data Collection PracticeSan Francisco—The Electronic Frontier Foundation and the ACLU of Northern and Southern California today asked a federal appeals court to reinstate a lawsuit t…
  - 3 days ago 23 Jul 21, 9:48pm -
• Data Brokers are the Problem
  Why should you care about data brokers? Reporting this week about a Substack publication outing a priest with location data from Grindr shows once again how easy it is for anyone to take advantage of data brokers’ stores to cause real harm. This i…
  - 3 days ago 23 Jul 21, 7:59pm -

• Council of Europe’s Actions Belie its Pledges to Involve Civil Society in Development of Cross Border Police Powers Treaty
  As the Council of Europe’s flawed cross border surveillance treaty moves through its final phases of approval, time is running out to ensure cross-border investigations occur with robust privacy and human rights safeguards in place. The innocuously…
  - 4 days ago 23 Jul 21, 2:06am -
• Venmo Takes Another Step Toward Privacy
  As part of a larger redesign, the payment app Venmo has discontinued its public “global” feed. That means the Venmo app will no longer show you strangers’ transactions—or show strangers your transactions—all in one place. This is a big step…
  - 5 days ago 21 Jul 21, 9:12pm -
• Cheers to the Winners of EFF's 13th Annual Cyberlaw Trivia Night

  

  On June 17th, the best legal minds in the Bay Area gathered together for a night filled with tech law trivia—but there was a twist! With in-person events still on the horizon, EFF's 13th Annual Cyberlaw Trivia Night moved to a new browser-based vir…
  - 6 days ago 21 Jul 21, 7:00am -
• India’s Draconian Rules for Internet Platforms Threaten User Privacy and Undermine Encryption
  The Indian government’s new Intermediary Guidelines and Digital Media Ethics Code (“2021 Rules”) pose huge problems for free expression and Internet users’ privacy. They include dangerous requirements for platforms to identify the origins of…
  - 6 days ago 21 Jul 21, 12:14am -
• Victory! Californians Can Now Choose Their Broadband Destiny
  Years ago, we noted that despite being one of the world’s largest economies, the state of California had no broadband plan for universal, affordable, high-speed access. It is clear that access that meets our needs requires fiber optic infrastructur…
  - 6 days ago 20 Jul 21, 7:24pm -
• Pegasus Project Shows the Need for Real Device Security, Accountability, and Redress for Those Facing State-Sponsored Malware
  People all around the world deserve the right to have a private conversation. Communication privacy is a human right, a civil liberty, and one of the centerpieces of a free society. And while we all deserve basic communications privacy, the journalis…
  - 6 days ago 20 Jul 21, 7:11pm -
• Final Day: Connect to a Brighter Internet ☀️

  

  We’ve added one more day to EFF's summer membership drive! Over 900 supporters have answered the call to get the internet right by defending privacy, free speech, and innovation. It’s possible if you’re with us. Will you join EFF?Through Wedne…
  - 6 days ago 20 Jul 21, 5:39pm -
• EFF to Ninth Circuit: Recent Supreme Court Decision in Van Buren Does Not Criminalize Web Scraping
  In an amicus brief filed Friday, EFF and the Internet Archive argued to the Ninth Circuit Court of Appeals that the Supreme Court’s recent decision in Van Buren v. United States shows that the federal computer crime law does not criminalize the co…
  - 7 days ago 19 Jul 21, 9:43pm -
• Right or Left, You Should Be Worried About Big Tech Censorship
  Conservatives are being censoredClaiming that “right-wing voices are being censored,” Republican-led legislatures in Florida and Texas have introduced legislation to “end Big Tech censorship.” They say that the dominant tech platforms block…
  - 10 days ago 16 Jul 21, 9:09pm -
• What Cops Understand About Copyright Filters: They Prevent Legal Speech
  “You can record all you want. I just know it can’t be posted to YouTube,” said an Alameda County sheriff’s deputy to an activist. “I am playing my music so that you can’t post on YouTube.” The tactic didn’t work—the video of his sta…
  - 10 days ago 16 Jul 21, 7:24pm -
• Don’t Let Police Arm Autonomous or Remote-Controlled Robots and Drones
  It’s no longer science fiction or unreasonable paranoia. Now, it needs to be said: No, police must not be arming land-based robots or aerial drones. That’s true whether these mobile devices are remote controlled by a person or autonomously contro…
  - 10 days ago 16 Jul 21, 4:46pm -
• The Tower of Babel: How Public Interest Internet is Trying to Save Messaging and Banish Big Social Media
  This blog post is part of a series, looking at the public interest internet—the parts of the internet that don’t garner the headlines of Facebook or Google, but quietly provide public goods and useful services without requiring the scale or the b…
  - 11 days ago 16 Jul 21, 2:13am -
• Article 17 Copyright Directive: The Court of Justice’s Advocate General Rejects Fundamental Rights Challenge But Defends Users Against Overblocking
  The Advocate General (AG) of the EU Court of Justice today missed an opportunity to fully protect internet users from censorship by automated filtering, finding that the disastrous Article 17 of the EU Copyright Directive doesn’t run afoul of Europ…
  - 11 days ago 15 Jul 21, 7:45pm -
• UK's Draft Online Safety Bill Raises Serious Concerns Around Freedom of Expression
  On May 12, the UK government published a draft of its Online Safety Bill, which attempts to tackle illegal and otherwise harmful content online by placing a duty of care on online platforms to protect their users from such content. The move came as n…
  - 13 days ago 14 Jul 21, 11:30am -
• Clearview’s Face Surveillance Still Has No First Amendment Defense
  Clearview AI extracts faceprints from billions of people, without their consent, and uses these faceprints to help police identify suspects. This does grave harm to privacy, free speech, information security, and racial justice. It also violates the…
  - 13 days ago 13 Jul 21, 5:01pm -
• DNS Provider Hit With Outrageous Blocking Order – Is Your Provider Next?
  The seemingly endless battle against copyright infringement has caused plenty of collateral damage. But now that damages is reaching new levels, as copyright holders target providers of basic internet services. For example, Sony Music has persuaded a…
  - 13 days ago 13 Jul 21, 4:40pm -
• The Internet Loses a Champion with the Passing of Sherwin Siy

  

  We at EFF are devastated to learn of the passing of Sherwin Siy. He was a brilliant advocate and strategist who was dedicated to protecting and preserving the internet as a space for creativity, innovation and sharing. He was also a friend and genero…
  - 18 days ago 8 Jul 21, 5:04pm -
• Digital Rights Updates with EFFector 33.4
  Want the latest news on your digital rights? Then you're in luck! Version 33, issue 4 of EFFector, our monthly-ish email newsletter, is out now! Catch up on rising issues in online security, privacy, and free expression with EFF by reading our newsle…
  - 18 days ago 8 Jul 21, 4:14pm -
• Improving Enforcement in State Consumer Privacy Laws
  Momentum for state privacy bills has been growing over the past couple of years, as lawmakers respond to privacy invasions and constituent demand to address them. As several states end their legislative sessions for the year and lawmakers begin to pl…
  - 19 days ago 7 Jul 21, 11:21pm -
• EFF Gets $300,000 Boost from Craig Newmark Philanthropies to Protect Journalists and Fight Consumer Spyware
  Donation Will Help with Tools and Training for Newsgatherers, and Research on Technology like Stalkerware and BosswareSan Francisco – The Electronic Frontier Foundation (EFF) is proud to announce its latest grant from Craig Newmark Philanthropies:…
  - 19 days ago 7 Jul 21, 5:17pm -
• Greetings from the Internet! Connect with EFF this Summer

  

  Every July, we celebrate EFF’s birthday and its decades of commitment fighting for privacy, security, and free expression for all tech users. This year’s membership drive focuses on a central idea: analog or digital—what matters is connection.…
  - 20 days ago 6 Jul 21, 3:28pm -
• The Future Is in Symmetrical, High-Speed Internet Speeds
  Congress is about to make critical decisions about the future of internet access and speed in the United States. It has a potentially once-in-a-lifetime amount of funding to spend on broadband infrastructure, and at the heart of this debate is the mi…
  - 24 days ago 2 Jul 21, 11:32pm -
• Victory! Fourth Circuit Rules Baltimore’s Warrantless Aerial Surveillance Program Unconstitutional
  This blog post was cowritten by EFF intern Lauren Yu.The U.S. Court of Appeals for the Fourth Circuit ruled last week that Baltimore’s use of aerial surveillance that could track the movements of the entire city violated the Fourth Amendment.The…
  - 24 days ago 2 Jul 21, 6:22pm -
• EFF is Highlighting LGBTQ+ Issues Year-Round

  

  EFF is dedicated to ensuring that technology supports freedom, justice and innovation for all the people of the world. While digital freedom is an LGBTQ+ issue, LGBTQ+ issues are also digital rights issues. For example, LGBTQ+ communities are often t…
  - 24 days ago 2 Jul 21, 4:19pm -
• Supreme Court Narrows Ability to Hold U.S. Corporations Accountable for Facilitating Human Rights Abuses Abroad
  People around the world have been horrified at the role that technology companies like Cisco, Yahoo!, and Sandvine have played in helping governments commit gross human rights abuses. That’s why EFF has consistently called out technology companies,…
  - 25 days ago 1 Jul 21, 11:46pm -
• Victory! Federal Court Halts Florida’s Censorious Social Media Law Privileging Politicians’ Speech Over Everyday Users
  A federal court on Thursday night blocked Florida’s effort to force internet platforms to host political candidates and media entities online speech, ruling that the law violated the First Amendment and a key federal law that protects users’ spee…
  - 25 days ago 1 Jul 21, 7:44pm -
• Nominations Open for 2021 Barlows!
  Nominations are now open for the 2021 Barlows to be presented at EFF's 30th Annual Pioneer Award Ceremony. Established in 1992, the Pioneer Award Ceremony recognizes leaders who are extending freedom and innovation in the realm of technology. In hono…
  - 26 days ago 1 Jul 21, 7:00am -
• Victory! Biden Administration Rescinds Dangerous DHS Proposed Rule to Expand Biometrics Collection
  Marking a big win for the privacy and civil liberties of immigrant communities, the Biden Administration recently rescinded a Trump-era proposed rule that would have massively expanded the collection of biometrics from people applying for an immigrat…
  - 26 days ago 30 Jun 21, 10:17pm -
• PCLOB “Book Report” Fails to Investigate or Tell the Public the Truth About Domestic Mass Surveillance
  The Privacy and Civil Liberties Oversight Board (PCLOB) has concluded its six-year investigation into Executive Order 12333, one of the most sprawling and influential authorities that enables the U.S. government’s mass surveillance programs. The re…
  - 26 days ago 30 Jun 21, 4:48pm -
• Setbacks in the FTC’s Antitrust Suit Against Facebook Show Why We Need the ACCESS Act
  After a marathon markup last week, a number of bills targeting Big Tech’s size and power, including the critical ACCESS Act, were passed out of committee and now await a vote by the entire House of Representatives. This week, decisions by a federal…
  - 27 days ago 30 Jun 21, 4:58am -
• A Wide, Diverse Coalition Agrees on What Congress Needs to Do About Our Broadband
  A massive number of groups representing interests as diverse as education, agriculture, the tech sector, public and private broadband providers, low-income advocacy, workers, and urban and rural community economic development entities came together o…
  - 27 days ago 29 Jun 21, 3:38pm -
• EFF to Ecuador's Human Rights Secretariat: Protecting Security Experts is Vital to Safeguard Everyone's Rights
  Today, EFF sent a letter to Ecuador's Human Rights Secretariat about the troubling, slow-motion case against the Swedish computer security expert Ola Bini since his arrest in April 2019, following Julian Assange's ejection from Ecuador's London Embas…
  - 28 days ago 29 Jun 21, 4:00am -
• Supreme Court Says You Can’t Sue the Corporation that Wrongly Marked You A Terrorist
  In a 5-4 decision, the Supreme Court late last week barred the courthouse door to thousands of people who were wrongly marked as “potential terrorists” by credit giant TransUnion. The Court’s analysis of their “standing” —whether they wer…
  - 28 days ago 28 Jun 21, 5:41pm -
• Decoding California's New Digital Vaccine Records and Potential Dangers

  

  This post was updated on 6/29/21 to more accurately describe how New York is running its voluntary vaccine passport programThe State of California recently released what it calls a “Digital COVID-19 Vaccine Record.” It is part of that state’s…
  - 31 days ago 26 Jun 21, 12:10am -
• [VISUAL] The Overlapping Infrastructure of Urban Surveillance, and How to Fix It

  

  Between the increasing capabilities of local and state police, the creep of federal law enforcement into domestic policing, the use of aerial surveillance such as spy planes and drones, and mounting cooperation between private technology companies an…
  - 32 days ago 24 Jun 21, 6:50pm -
• Now Is The Time: Tell Congress to Ban Federal Use of Face Recognition
  Cities and states across the country have banned government use of face surveillance technology, and many more are weighing proposals to do so. From Boston to San Francisco, New Orleans to Minneapolis, elected officials and activists know that face s…
  - 32 days ago 24 Jun 21, 6:48pm -
• How Big ISPs Are Trying to Burn California’s $7 Billion Broadband Fund

  

  A month ago, Governor Newsom announced a plan to invest $7 billion of federal rescue funds and state surplus dollars to be mostly invested into public broadband infrastructure meant to serve every Californian with affordable access to infrastructure…
  - 33 days ago 23 Jun 21, 7:29pm -
• Standing With Security Researchers Against Misuse of the DMCA
  Security research is vital to protecting the computers upon which we all depend, and protecting the people who have integrated electronic devices into their daily lives. To conduct security research, we need to protect the researchers, and allow them…
  - 33 days ago 23 Jun 21, 4:04pm -
• Supreme Court Upholds Process to Challenge Bad Patents
  The Patent Office grants thousands of patents a year, including many that would be invalidated if a court considered them. These junk patents should never be issued in the first place, but fortunately there is a way to challenge them at the Patent Of…
  - 34 days ago 23 Jun 21, 7:00am -
• A Long Overdue Reckoning For Online Proctoring Companies May Finally Be Here

  

  EFF Legal Intern Haley Amster contributed to this post.Update: An earlier version of this post said that ExamSoft has had a security breach. For clarity: security breaches have only been alleged by users, and ProctorU, a partner of ExamSoft, has had…
  - 34 days ago 22 Jun 21, 11:11pm -
• Understanding Amazon Sidewalk
  Just before the long weekend at the end of May, Amazon announced the release of their Sidewalk mesh network. There are many misconceptions about what it is and what it does, so this article will untangle some of the confusion.It Isn’t Internet Sha…
  - 34 days ago 22 Jun 21, 11:10pm -
• Congress Wants to Put the Brakes on Runaway Acquisitions by Big Tech
  The Judiciary Committee of the U.S. House of Representatives recently released a comprehensive series of bills designed to curb the excesses of Big Tech. One of them, the Platform Competition and Opportunity Act, addresses one of the biggest, most ob…
  - 34 days ago 22 Jun 21, 9:40pm -
• The New ACCESS Act Is a Good Start. Here’s How to Make Sure It Delivers.
  The ACCESS Act is one of the most exciting pieces of federal tech legislation this session. Today’s tech giants grew by taking advantage of the openness of the early Internet, but have designed their own platforms to be increasingly inhospitable fo…
  - 35 days ago 21 Jun 21, 9:50pm -
• Changing Section 230 Won’t Make the Internet a Kinder, Gentler Place
  Tech platforms, especially the largest ones, have a problem—there’s a lot of offensive junk online. Many lawmakers on Capitol Hill keep coming back to the same solution—blaming Section 230.What lawmakers don’t notice is that a lot of the peo…
  - 39 days ago 17 Jun 21, 3:29pm -
• Emails from 2016 Show Amazon Ring's Hold on the LAPD Through Camera Giveaways

  

  In March 2016, “smart” doorbell camera maker Ring was a growing company attempting to market its wireless smart security camera when it received an email from an officer in the Los Angeles Police Department (LAPD) Gang and Narcotics Division, who…
  - 40 days ago 17 Jun 21, 12:06pm -
• 22 Rights Groups Tell PayPal and Venmo to Shape Up Policies on Account Closures
  Companies Have History of Unfair Crackdowns on First-Amendment Protected ActivitiesSan Francisco – Nearly two dozen rights groups, including the Electronic Frontier Foundation (EFF), have joined together to tell PayPal and its subsidiary Venmo to s…
  - 41 days ago 15 Jun 21, 4:42pm -
• Unconstitutional Florida Law Barring Platforms from Suspending Politicians Should be Blocked, EFF Tells Court
  S.B. 7072 Violates First Amendment, Gives Politicians’ Speech Preferential Treatment Over Other UsersTallahassee, Florida—The Electronic Frontier Foundation (EFF) and Protect Democracy urged a federal judge to strike down Florida’s law banning…
  - 42 days ago 14 Jun 21, 8:23pm -
• Hearing Tuesday: EFF Testifies Against SFPD for Violating Transparency Policies
  Police Department Withheld Documents About Use of Facial RecognitionSan Francisco – On Tuesday, June 15, at 5:30 pm PT, the Electronic Frontier Foundation (EFF) will testify against the San Francisco Police Department (SFPD) at the city’s Sunshin…
  - 43 days ago 14 Jun 21, 2:42pm -

• Cloud Security Alliance News
  Click for More Info on Cloud Security Alliance News