Data Breach

• newHome » News » Securing Your Supply Chain with CIS and Tripwire
  Where were you when you first heard about the SolarWinds breach? ... with breach reports such as the Verizon Data Breach Investigations Report ...
  - 9 hours ago 15 Apr 21, 3:05am -
• newTech Security Expert: MA Inspection Shutdown Cause "Probably Some Form Of Ransomware"
  Chris Gonsalves is an IT security expert with Channelnomics. ... You would be required to report both the loss of that data and what you did to get it ...
  - 11 hours ago 15 Apr 21, 12:56am -
• newUniversity Of Colorado Refuses To Pay $17 Million Ransom Following Accellion Data Breach
  CU Boulder was notified of the data breach on Jan. 25. The university's Office of Information Security determined files uploaded by 447 CU users were ...
  - 12 hours ago 14 Apr 21, 11:26pm -
• newSeminars | ICO
  This seminar will provide an overview of the steps an organisation can take to help manage a personal data breach, and what it should do in the ...
  - 12 hours ago 14 Apr 21, 11:24pm -
• newDigital Resilience is the New Digital Transformation KPI
  Every digital resilience project needs to consider security breach prevention and ... to automatically discover and quickly recover from data breaches.
  - 13 hours ago 14 Apr 21, 10:52pm -

Krebs On Security

• Microsoft Patch Tuesday, April 2021 Edition

  

  Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server -- the same systems that have been besieged by attacks on…
  - 2 days ago 13 Apr 21, 11:12pm -
• ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

  

  Someone is selling account information for 21 million customers of ParkMobile, a mobile parking app that's popular in North America. The stolen data includes customer email addresses, phone numbers, license plate numbers, hashed passwords and mailing…
  - 3 days ago 12 Apr 21, 10:18pm -

Naked Security

• newFBI hacks into hundreds of infected US servers (and disinfects them)

  

  Hacking for good! A judge said I could!
  - 23 hours ago 14 Apr 21, 12:38pm -
• IoT bug report claims “at least 100M devices” may be impacted

  

  The programmers among us are learning... but not always quickly enough, it seems. Here's some food for coding thought...
  - 2 days ago 13 Apr 21, 6:57pm -

CSO Online

• newBrandPost: Remediate Insecure Configurations to Improve Cybersecurity

  

  A data breach can result in catastrophic consequences for any organization. Ensuring that your IT environment is safe from cyber threats can be a real challenge.To keep intruders out of your networks and data, you need more than up-to-date guidance;…
  - 17 hours ago 14 Apr 21, 7:15pm -
• Tips to improve domain password security in Active Directory

  

  The concept of zero trust is that nothing should be trusted by default. Most of us are trying to work our way to zero trust but are not there yet. Until then, you can take steps to protect your networks better, starting with handling passwords better…
  - 1 day ago 14 Apr 21, 9:00am -

FierceITSecurity

CIO Online

• How Brunswick IT enables digital business

  

  Mike Adams joined Brunswick, the $4.3 billion manufacturing business, in 2017 to define its enterprise architecture function and to work with then CIO Danielle Brown to craft a modernization strategy. Since then, the company has sold off its non-mari…
  - 8 days ago 7 Apr 21, 12:31pm -
• BrandPost: Episode 1: Introduction to CIAM and Why It’s Important

  

  If your customers and clientele don’t feel secure using your products and/or accessing your corporate websites, web portals, and web shops, they won’t sign up, share information, or otherwise engage with your brand. Developing a robust approach t…
  - 10 days ago 5 Apr 21, 5:00pm -

Homeland Security Today

• newIMO Council Set to Expand Under Approved Amendments
  The IMO Council has approved draft amendments to the IMO Convention to expand the size of the Council, extend the term of its Members and recognize three additional language texts as authentic versions  of the IMO Convention.
  - 11 hours ago 15 Apr 21, 12:43am -
• newExceptional Maritime People Honored at Virtual IMO Awards
  The International Maritime Organization has recognized the contributions of a long-standing maritime industry chief and has presented its highest bravery accolade to two maritime pilots from Brazil and an off-duty seafarer from the Philippines.
  - 11 hours ago 15 Apr 21, 12:36am -

Graham Cluley Latest

• newSmashing Security podcast #223: Booze, nudes, and insurance dudes
  Should insurance companies be banned from helping companies pay ransomware demands? How has malware messed with motorcars in the United States? And how are cybercriminals exploiting alcohol drinking during the pandemic?All this and much more is d…
  - 13 hours ago 14 Apr 21, 11:05pm -
• newSchool janitor says she was fired for not installing smartphone tracking app
  A school janitor has lost her job, and she says it's because she refused to download a smartphone app that would track her location.
  - 17 hours ago 14 Apr 21, 7:17pm -

Multi-State Information Sharing Center

• Multiple Vulnerabilities in Mozilla Firefox Could Allow for Remote Code Execution
  ...
  - -
• Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution
  ...
  - -

Network World

• Cisco streamlines, upgrades its SASE bundle

  

  Cisco made enhancements to its security offerings that will expand and change the way customers buy its Secure Access Service Edge products as well as bolster network-access authentication.Cisco's SASE plan will focus on enhancing networking and secu…
  - 15 days ago 31 Mar 21, 7:34pm -
• Report: 5G network slicing could leave flaws for bad actors to exploit

  

  5G networks that incorporate legacy technology could be vulnerable to compromise via a lack of mapping between transport and application layers, according to a report by Ireland-based AdaptiveMobile Security.5G resourcesWhat is 5G? Fast wireless tec…
  - 17 days ago 29 Mar 21, 8:56pm -

Packet Storm Latest

• newMicrosoft Azure DevOps Server 2020.0.1 Cross Site Scripting
  Microsoft Azure DevOps Server version 2020.0.1 suffers from a cross site scripting vulnerability.
  - 19 hours ago 14 Apr 21, 4:50pm -
• newRed Hat Security Advisory 2021-1195-01
  Red Hat Security Advisory 2021-1195-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Va…
  - 19 hours ago 14 Apr 21, 4:50pm -

NIST Latest in IT

• NISTs Network-of-Things Model Builds Foundation to Help Define the Internet of Things
  A new publication from the National Institute of Standards and Technology (NIST) provides a basic model aimed at helping researchers better understand the Internet of Things (IoT) and its security challenges.Credit: Natasha ...
  - 28 Jul 16, 12:10pm -
• Realizing the Potential of Quantum Information Science and Advancing High-Performance Computing
  The White House announced today a new report from the National Science and Technology Council on challenges, opportunities and the path forward in quantum information science, including a plan for high-performance computing.As described ...
  - 27 Jul 16, 2:38pm -

US- CERT Alerts

• AA21-077A: Detecting Post-Compromise Threat Activity Using the CHIRP IOC Detection Tool
  Original release date: March 18, 2021 | Last revised: April 9, 2021SummaryThis Alert announces the CISA Hunt and Incident Response Program (CHIRP) tool. CHIRP is a forensics collection tool that CISA developed to help network defenders find indicator…
  - 28 days ago 18 Mar 21, 6:00pm -
• AA21-076A: TrickBot Malware

  

  Original release date: March 17, 2021 | Last revised: March 24, 2021SummaryThis Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise for all referenced threat actor tactics…
  - 29 days ago 17 Mar 21, 3:00pm -

Cisco Security Alerts

• ISC BIND Subsequent RDATA Query Processing Remote Denial of Service Vulnerability
  HP has released an additional security bulletin and updated software to address the ISC BIND subsequent RDATA query processing remote denial of service vulnerability.
  - 1 Feb 16, 2:04pm -
• Network Time Protocol decodenetnum() Function Denial of Service Vulnerability
  IBM has released a security advisory and fixes to address the Network Time Protocol decodenetnum() function denial of service vulnerability.
  - 25 Jan 16, 1:43pm -

Cisco Event Responses

• Cisco Event Response: March 2021 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication
  - 22 days ago 24 Mar 21, 11:00pm -
• Cisco Event Response: February 2021 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication
  - 49 days ago 25 Feb 21, 12:00am -

HIPPA Omnibus Rule

• Senators Push for Changes in Wake of SolarWinds Attack

  

  Intelligence Hearing Focuses on Need for Federal Breach Notification Law, Fixing 'Blind Spots'The SolarWinds supply chain attack that led to follow-on attacks on nine government agencies and 100 companies points to the need for a federal law requirin…
  - -
• Phishing Campaign Targeting COVID Vaccine 'Cold Chain' Expands

  

  Updated Report From IBM Provides New DetailsCybercriminals, likely backed by nation-states, are expanding global spear-phishing campaigns targeting the COVID-19 vaccine "cold chain" in an attempt to steal credentials so they can gain "privileged insi…
  - -

• Educating Hospital Board Members on Cybersecurity

  

  CISO Alain de Maght on Developing 'Common Understanding'Hospital CISOs need to make board members more aware of why cybersecurity should be an essential element of enterprise IT governance - especially as the use of internet-connected medical devices…
  - -
• Defining Synthetic ID Fraud: How It Helps With Mitigation

  

  Fed Releases a Definition That Could Make It Easier to Identify Red FlagsNow that the Federal Reserve has issued a definition for synthetic ID fraud, fraud-fighting efforts likely will improve because it will be easier to identify red flags, some sec…
  - -
• HIPAA Omnibus Final Rule
  This package of regulations includes modifications to the HIPAA privacy, security, enforcement and breach notification rules, as required under the HITECH Act.
  - -
• HITECH Act Stage 2 EHR Incentive Program Software Certification Final Rule
  This rule establishes criteria for electronic health records software that qualifies for Stage 2 of the HITECH Act Electronic Health Record Incentive Program. The program, part of the economic stimulus package, is providing billions of dollars in Med…
  - -
• HITECH Act Stage 2 EHR Incentive Program Meaningful Use Final Rule
  This rule establishes criteria that hospitals and physicians must meet to qualify as "meaningful users" of electronic health records and receive further financial incentives in Stage 2 of the HITECH Act Electronic Health Record Incentive Program. The…
  - -
• FDA: Unique Device Identification System
  This proposed rule from the U.S. Food and Drug Administration would require unique identifiers on medical devices. While the rule aims to ease the collection and analysis of data about adverse health events and help detect counterfeit products, no pa…
  - -
• AppSec Risk: You Can’t Manage What You Can’t Measure
  - -
• deutsche Sprache | Cloud-Based Email Security: Best Practices for Securing Office 365
  - -
• Live Webinar: Understanding the AppSec Challenges and Opportunities: The Way Forward
  - -
• 6 Significant Cybersecurity Implications in 2021
  - -
• State of the Marketplace: A Conversation With Dave DeWalt
  Dave DeWalt, former CEO of FireEye and McAfee, has been appointed vice chair of the board of LogDNA, a log management company, and he’s committed to the popular “shift left” movement. But he’s also got a keen eye on the broader cybersecurity…
  - -
• FDA's Kevin Fu on Threat Modeling for Medical Devices
  More precise and pervasive cybersecurity threat modeling during manufacturers' development of medical devices - and also during the regulatory product review process - is critical for risk mitigation, says Kevin Fu, new acting director of medical dev…
  - -
• Crisis Communications: How to Handle Breach Response
  The latest edition of the ISMG Security Report features an analysis of why transparent communication in the aftermath of a data breach pays off. Also featured: Mastercard on digital identity issues; building a more diverse and inclusive cybersecurity…
  - -
• Analysis: Fat Face's Awkward Breach Notification
  The latest edition of the ISMG Security Report features an analysis of retailer Fat Face’s awkward "strictly private and confidential" data breach notification. Also featured: Discussions on the ethics of buying leaked data and the rise of central…
  - -
• How Fraudsters Nearly Stole $17.5 Million via PPE Fraud
  4 Dutch and Nigerian Suspects Accused of Scamming German Health AuthorityInterpol says Dutch and Nigerian suspects created a cloned version of a legitimate personal protective equipment provider's website to trick a German health authority seeking fa…
  - -
• Facebook Tries to 'Scrape' Its Way Through Another Breach
  Social Network Attempts 'Not Hacking' Spin on Theft of 533 Million Users' DetailsFacebook has been attempting to dismiss the appearance of a massive trove of user data by claiming it wasn't hacked, but scraped. No matter how the theft is characterize…
  - -
• Death to 'Fluffy': Please Stop With the Pet Name Passwords
  Pets, Sports Teams, Notable Dates and Family Member Names Predominate, Experts WarnLoving your pet and creating tough-to-crack passwords should remain two distinctly separate activities. Unfortunately, Britain's National Cyber Security Center reports…
  - -
• Post-Ransomware Response: Victim Says 'Do the Right Thing'
  Experts Laud Scottish Environment Protection Agency for Transparent ResponseCrisis communications: If your organization suffers a ransomware outbreak - despite its best cybersecurity efforts - is it ready to respond quickly and transparently? Experts…
  - -

Electronic Frontier Foundation | Deep Links

• newCongress, Don’t Let ISP Lobbyists Sabotage Fiber for All
  For the first time, an American president has proposed a plan that wouldn’t just make a dent in the digital divide, it will end it. By deploying federal resources at the level and scale this country has not seen since electrification nearly 100 y…
  - 17 hours ago 14 Apr 21, 7:16pm -
• newForced Arbitration Thwarts Legal Challenge to AT&T’s Disclosure of Customer Location Data
  Location data generated from our cell phones paint an incredibly detailed picture of our movements and private lives. Despite the sensitive nature of this data and a federal law prohibiting cellphone carriers from disclosing it, repeated unauthorized…
  - 19 hours ago 14 Apr 21, 4:26pm -

• California: Demand Broadband for All
  From the pandemic to the Frontier bankruptcy to the ongoing failures in remote learning, we’ve seen now more than ever how current broadband infrastructure fails to meet the needs of the people. This pain is particularly felt in already under-ser…
  - 2 days ago 13 Apr 21, 11:11pm -
• Why EFF Supports Repeal of Qualified Immunity
  Our digital rights are only as strong as our power to enforce them. But when we sue government officials for violating our digital rights, they often get away with it because of a dangerous legal doctrine called “qualified immunity.”Do you think…
  - 3 days ago 12 Apr 21, 9:28pm -
• After Cookies, Ad Tech Wants to Use Your Email to Track You Everywhere

  

  Cookies are dying, and the tracking industry is scrambling to replace them. Google has proposed Federated Learning of Cohorts (FLoC), TURTLEDOVE, and other bird-themed tech that would have browsers do some of the behavioral profiling that third-party…
  - 3 days ago 12 Apr 21, 8:41pm -
• Deceptive Checkboxes Should Not Open Our Checkbooks

  

  Last week, the New York Times highlighted the Trump 2020 campaign’s use of deceptive web designs to deceive supporters into donating far more money than they had intended. The campaign’s digital donation portal hid an unassuming but unfair method…
  - 6 days ago 9 Apr 21, 11:18pm -
• EFF Challenges Surreptitious Collection of DNA at Iowa Supreme Court
  Last week, EFF, along with the ACLU and the ACLU of Iowa, filed an amicus brief in the Iowa Supreme Court challenging the surreptitious collection of DNA without a warrant. We argued this practice violates the Fourth Amendment and Article I, Section…
  - 6 days ago 9 Apr 21, 7:35pm -
• Am I FLoCed? A New Site to Test Google's Invasive Experiment
  Today we’re launching Am I FLoCed, a new site that will tell you whether your Chrome browser has been turned into a guinea pig for Federated Learning of Cohorts or FLoC, Google’s latest targeted advertising experiment. If you are a subject, we wi…
  - 6 days ago 9 Apr 21, 7:22pm -
• What Movie Studios Refuse to Understand About Streaming
  The longer we live in the new digital world, the more we are seeing it replicate systemic issues we’ve been fighting for decades. In the case of movie studios, what we’ve seen in the last few years in streaming mirrors what happened in the 1930s…
  - 8 days ago 7 Apr 21, 7:57pm -
• Organizations Call on President Biden to Rescind President Trump’s Executive Order that Punished Online Social Media for Fact-Checking
  President Joe Biden should rescind a dangerous and unconstitutional Executive Order issued by President Trump that continues to threaten internet users’ ability to obtain accurate and truthful information online, six organizations wrote in a letter…
  - 8 days ago 7 Apr 21, 6:01pm -
• India’s Strict Rules For Online Intermediaries Undermine Freedom of Expression
  India has introduced draconian changes to its rules for online intermediaries, tightening government control over the information ecosystem and what can be said online. It has created rules that seek to restrict social media companies and other conte…
  - 8 days ago 7 Apr 21, 3:06pm -
• The EU Online Terrorism Regulation: a Bad Deal
  On 12 September 2018, the European Commission presented a proposal for a regulation on preventing the dissemination of terrorist content online—dubbed the Terrorism Regulation, or TERREG for short—that contained some alarming ideas. In particular…
  - 8 days ago 7 Apr 21, 7:00am -
• Victory for Fair Use: The Supreme Court Reverses the Federal Circuit in Oracle v. Google
  In a win for innovation, the U.S. Supreme Court has held that Google’s use of certain Java Application Programming Interfaces (APIs) is a lawful fair use. In doing so, the Court reversed the previous rulings by the Federal Circuit and recognized th…
  - 9 days ago 6 Apr 21, 12:34am -
• 553,000,000 Reasons Not to Let Facebook Make Decisions About Your Privacy
  Another day, another horrific Facebook privacy scandal. We know what comes next: Facebook will argue that losing a lot of our data means bad third-party actors are the real problem that we should trust Facebook to make more decisions about our data t…
  - 9 days ago 6 Apr 21, 12:03am -
• First Circuit Upholds First Amendment Right to Secretly Audio Record the Police
  EFF applauds the U.S. Court of Appeals for the First Circuit for holding that the First Amendment protects individuals when they secretly audio record on-duty police officers. EFF filed an amicus brief in the case, Martin v. Rollins, which was brough…
  - 10 days ago 5 Apr 21, 9:52pm -
• Maine Should Take this Chance to Defund the Local Intelligence Fusion Center
  Maine state representative Charlotte Warren has introduced LD1278 (HP938), or An Act To End the Maine Information and Analysis Center Program, a bill that would defund the Maine Information and Analysis Center (MIAC), also known as Maine’s only fus…
  - 13 days ago 2 Apr 21, 6:18pm -
• Ethos Capital Is Grabbing Power Over Domain Names Again, Risking Censorship-For-Profit. Will ICANN Intervene?
  Ethos Capital is at it again. In 2019, this secretive private equity firm that includes insiders from the domain name industry tried to buy the nonprofit that runs the .ORG domain. A huge coalition of nonprofits and users spoke out. Governments expre…
  - 13 days ago 2 Apr 21, 5:15am -
• Content Moderation Is A Losing Battle. Infrastructure Companies Should Refuse to Join the Fight
  It seems like every week there’s another Big Tech hearing accompanied by a flurry of mostly bad ideas for reform. Two events set last week’s hubbub apart, both involving Facebook. First, Mark Zuckerberg took a new step in his blatant effort to us…
  - 13 days ago 2 Apr 21, 12:44am -
• The FCC Wants Your Broadband Horror Stories: You Know What to Do
  At long last, the Federal Communications Commission (FCC) is asking for your broadband experiences. When you submit your experiences here, you will let the FCC know whether you have been adequately served by your internet service provider (ISP). The…
  - 14 days ago 1 Apr 21, 9:41pm -
• Tenth Circuit Misses Opportunity to Affirm the First Amendment Right to Record the Police
  We are disappointed that the U.S. Court of Appeals for the Tenth Circuit this week dodged a critical constitutional question: whether individuals have a First Amendment right to record on-duty police officers.EFF had filed an amicus brief in the cas…
  - 14 days ago 1 Apr 21, 5:47pm -
• EFF to Court: Don’t Let Pseudo-IP Thwart Speech, Innovation, and Competition
  The threats to online expression and innovation keep coming. One that’s flown under the radar is a misguided effort to convince the Third Circuit Court of Appeals to allow claims based on the “right of publicity,” (i.e., the right to control th…
  - 15 days ago 31 Mar 21, 11:46pm -
• Schools Can’t Punish Students for Off-Campus Speech, Including Social Media Posts, EFF Tells Supreme Court
  Online Comments Made Outside School Are Fully Protected by the First AmendmentWashington, D.C.—The Electronic Frontier Foundation (EFF) urged the Supreme Court to rule that when students post on social media or speak out online while off campus, th…
  - 15 days ago 31 Mar 21, 6:33pm -
• Google Is Testing Its Controversial New Ad Targeting Tech in Millions of Browsers. Here’s What We Know.
  Update, April 9, 2021 : We've launched Am I FLoCed, a new site that will tell you whether your Chrome browser has been turned into a guinea pig for Federated Learning of Cohorts or FLoC, Google’s latest targeted advertising experiment. Today, G…
  - 15 days ago 31 Mar 21, 3:35am -
• Crowdfunding Legal Fees Is Not a Crime
  A piece in USA Today describes how a number of Capitol Hill rioters are utilizing online fundraising platforms to raise funds to cover legal fees, only to find their accounts shut down. This is prompting an online discussion not only about when and h…
  - 16 days ago 30 Mar 21, 11:45pm -
• Local Franchising, Big Cities, and Fiber Broadband
  In 2005, the Federal Communications Commission (FCC) made a foundational decision on how broadband competition policy would work with the entry of fiber to the home. In short, the FCC concluded that competition was growing, government policy was unne…
  - 16 days ago 30 Mar 21, 3:55pm -
• Stupid Patent of the Month: Telehealth Robots Say Goodbye
  Before COVID-19, people living in rural and isolated areas urgently needed to access health care services remotely; now we all do. Thanks to decades of innovation in computing and telecommunications, more essential health care services are available…
  - 17 days ago 29 Mar 21, 6:16pm -
• Even with Changes, the Revised PACT Act Will Lead to More Online Censorship
  Among the dozens of bills introduced last Congress to amend a key internet law that protects online services and internet users, the Platform Accountability and Consumer Transparency Act (PACT Act) was perhaps the only serious attempt to tackle the p…
  - 20 days ago 26 Mar 21, 11:10pm -
• Dystopia Prime: Amazon Subjects Its Drivers to Biometric Surveillance
  Some high-tech surveillance is so dangerous to privacy that companies must never deploy it against a person without their voluntary opt-in consent. It comes as little surprise that Amazon, the company that brought you Ring doorbell cameras and Rekogn…
  - 20 days ago 26 Mar 21, 9:40pm -
• Free as in Climbing: Rock Climber’s Open Data Project Threatened by Bogus Copyright Claims
  Rock climbers have a tradition of sharing “beta”—helpful information about a route—with other climbers. Giving beta is both useful and a form of community-building within this popular sport. Given that strong tradition of sharing, we were dis…
  - 21 days ago 25 Mar 21, 7:05pm -
• Facebook’s Pitch to Congress: Section 230 for Me, But not for Thee
  - 21 days ago 25 Mar 21, 1:28am -
• Statement on the Re-election of Richard Stallman to the FSF Board
  We at EFF are profoundly disappointed to hear of the re-election of Richard Stallman to a leadership position at the Free Software Foundation, after a series of serious accusations of misconduct led to his resignation as president and board member o…
  - 22 days ago 24 Mar 21, 11:05pm -
• Facebook Treats Punk Rockers Like Crazy Conspiracy Theorists, Kicks Them Offline
  Facebook announced last year that it would be banning followers of QAnon, the conspiracy theorists that allege that a cabal of satanic pedophiles is plotting against former U.S. president Donald Trump. It seemed like a case of good riddance to ba…
  - 23 days ago 23 Mar 21, 5:50pm -
• Pasco County’s Sheriff Must End Its Targeted Child Harassment Program

  

  In September 2020, the Tampa Bay Times revealed a destructive “data-driven” policing program run by the Pasco County, Florida Sheriff's Office. The program is misleadingly called “Intelligence-Led Policing” (ILP), but in reality, it's nothin…
  - 24 days ago 22 Mar 21, 6:34pm -
• Video Hearing Tuesday: EFF Tells California Lawmakers to Crack Down on License Plate Data Collection
  SB 210 Would Require Data Destruction Within 24 Hours, Among Other ReformsSacramento – On Tuesday, March 23, at 1:30 pm PT, the Electronic Frontier Foundation (EFF) will urge California senators to crack down on location tracking by passing SB 210,…
  - 24 days ago 22 Mar 21, 6:32pm -
• EFF Joins Effort to Restrict Automated License Plate Readers in California

  

  One year ago, the California State Auditor released a damning report on the use of automated license plate readers (ALPRs) by local law enforcement agencies that confirmed concerns EFF has raised for years. Police are using these camera systems to co…
  - 27 days ago 19 Mar 21, 10:59pm -
• AT&T’s HBO Max Deal Was Never Free
  When it launched HBO Max, it was discovered that usage of the service would not count against the data caps of AT&T customers, a practice known as “zero-rating.” This means that people on limited data plans could watch as much HBO Max content as…
  - 28 days ago 18 Mar 21, 8:34pm -
• EFF Members: We Want to Hear From You!
  For the first time, the Electronic Frontier Foundation is reaching out to its vast community to improve its membership program and outreach.Today current EFF members and other donors from the past year will receive an email inviting them to tell us…
  - 28 days ago 18 Mar 21, 6:51pm -
• Twitter, Trump, and Tough Decisions: EU Freedom of Expression and the Digital Services Act
  This blog post was co-written by Dr. Aleksandra Kuczerawy (Senior Fellow and Researcher at KU Leuven) and inspired by her publication at Verfassungsblog.Suspension of Trump’s Social Media Accounts: Controversial, but not unprecedentedThe suspensi…
  - 28 days ago 18 Mar 21, 7:00am -
• An Antitrust Exemption for News Media Won’t Take Us Back to the Time Before Big Tech
  Something is rotten online. Facebook and Google dominate the market on online advertising, depleting the resources needed by any other company reliant on serving digital content. For news media, the confluence of an increasingly digital world with Go…
  - 29 days ago 17 Mar 21, 6:31pm -
• Additional Regulations Approved for the California Consumer Privacy Act
  The California Attorney General recently published new regulations that implement the California Consumer Privacy Act (CCPA), a law that takes some important steps to empower consumer choice. What stands out the most in the new regulations is the exp…
  - 29 days ago 17 Mar 21, 5:07pm -
• EFF’s Crowd-Sourced Atlas of Surveillance Project Honored with Award for Advancing Public’s Right to Know About Police Spying
  Partnering with University of Nevada, Reno Reynolds School of Journalism Students, EFF Collects and Aggregates Data about Police Surveillance SAN FRANCISCO—The Electronic Frontier Foundation (EFF) is pleased to announce it has received the James Ma…
  - 30 days ago 16 Mar 21, 3:22pm -
• Sacramento Might be Undergoing a Broadband Policy Reboot
  When it comes to broadband policy, much of the attention on California understandably has been focused on its legal win on S.B. 822, its landmark net neutrality law. That court case is likely to head to the 9th Circuit next, and we are optimistic tha…
  - 31 days ago 15 Mar 21, 10:46pm -
• Rewriting Intermediary Liability Laws: What EFF Asks – and You Should Too
  Rewriting the legal pillars of the Internet is a popular sport these days. Frustration at Big Tech, among other things, has led to a flurry of proposals to change long-standing laws, like Section 230, Section 512 of the DMCA, and the E-Commerce Direc…
  - 31 days ago 15 Mar 21, 9:26pm -
• Thank You for Speaking Against a Terrible Copyright Proposal
  Last week was the deadline for comments on the draft of the so-called “Digital Copyright Act,” a proposal which would fundamentally change how creativity functions online. We asked for creators to add their voices to the many groups opposing this…
  - 31 days ago 15 Mar 21, 7:16pm -
• The Foilies 2021

  

  Recognizing the year's worst in government transparency.The Foilies were compiled by Electronic Frontier Foundation Director of Investigations Dave Maass, Senior Staff Attorney Aaron Mackey,  and Frank Stanton Fellow Naomi Gilens, and MuckRock News…
  - 32 days ago 14 Mar 21, 3:51pm -
• Seattle and Portland: Say No to Public-Private Surveillance Networks
  An organization calling itself Safe Cities Northwest is aiming to create public-private surveillance networks in Portland, Oregon and Seattle, Washington. The organization claims that it is building off of a “successful model for public safety” t…
  - 34 days ago 12 Mar 21, 6:56pm -
• Congress Proposes Bold Plan to End the Digital Divide
  New year, new Congress, but the problems of Internet access remains. If anything, the longer the COVID-19 crisis continues, the stronger the case for fast, affordable, Internet for all becomes. And so, an updated version of the Accessible, Affordable…
  - 35 days ago 11 Mar 21, 8:05pm -
• App Stores Have Kicked Out Some Location Data Brokers. Good, Now Kick Them All Out.
  Last fall, reports revealed the location data broker X-Mode’s ties to several U.S. defense contractors. Shortly after, both Apple and Google banned the X-Mode SDK from their app stores, essentially shutting off X-Mode’s pipeline of location data.…
  - 36 days ago 10 Mar 21, 7:26pm -
• EFF to Supreme Court: Users Must Be Able to Hold Tech Companies Accountable in Lawsuits When Their Data is Mishandled
  Facebook, Google, and Others Want To Make It Harder For Users To SueWashington, D.C.—The Electronic Frontier Foundation (EFF) today urged the Supreme Court to rule that consumers can take big tech companies like Facebook and Google to court, includ…
  - 36 days ago 10 Mar 21, 6:15pm -
• Internet Advocates Call on ISPs to Commit to Basic User Privacy Protections
  This blog post was co-written by EFF, the Internet Society, and Mozilla.As people have learned more about how companies like Google and Facebook track them online they are increasingly taking steps to protect themselves, but there is one relatively…
  - 36 days ago 10 Mar 21, 2:04pm -

• Cloud Security Alliance News
  Click for More Info on Cloud Security Alliance News