Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: PC Security

GAO – Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach

Data Protection: Actions Taken by Equifax and Federal Agencies in Response to the 2017 Breach. GAO-18-559: Published: Aug 30, 2018. Publicly Released: Sep 7, 2018:

Hackers stole the personal data of nearly 150 million people from Equifax databases in 2017. How did Equifax, a consumer reporting agency, respond to that event? Equifax said that it investigated factors that led to the breach and tried to identify and notify people whose personal information was compromised. In addition, three federal agencies that use Equifax services made their own security assessments and modified contracts with Equifax. Moreover, other federal agencies that oversee consumer reporting agencies started investigating Equifax and gave further advice to consumers on how to protect themselves against security breaches.”

DHS announces US critical infrastructure at risk from Russia

WSJ – DHS Forms New Cyber Hub to Protect Critical U.S. Infrastructure Secretary Nielsen Says ‘Our Intelligence Community Had it Right’ About Russian Interference – What What What ⸮⸮⸮ [see my previous posting about this punctuation mark] As this article is behind a paywall – you may want to avail yourself via US-CERT of the… Continue Reading

These are the websites your clean-install Windows PC connects to by itself

MSPoweruser: “Since the release of Windows 10, Microsoft has been accused of breaching privacy and connecting users to services without proper disclosure. The company now has released a list of websites and services that a Windows PC connects to after a clean install. The list mostly consists of Microsoft services which provide data endpoints to… Continue Reading

Chrome is flagging HTTP sites as “not secure”

In case you have not noticed, your workplace security team has no doubt started blocking your access to websites that are not using HTTPS encryption – via ZDNet: “Chrome will today start marking sites that don’t use HTTPS as “not secure. First announced two years ago, Google said it would flag any site that still… Continue Reading

Getting a password manager is the most important way to improve your online security

Washington Post – “…After testing password managers that work across browsers and devices, I recommend one called Dashlane. It’s the one simple enough that you’re likely to stick with it, though its features are neck and neck with rivals 1Password and LastPass, which are also fine choices. Dashlane, used by 10 million people, is free… Continue Reading

Whistleblower’s guilty plea and unmistakable trail of watermarks

Axios: “Reality Winner has pleaded guilty: “All of my actions I did willfully, meaning I did so of my own free will,” she told a court on Tuesday, per the New York Times‘ report. The former Air Force linguist earned the distinction of being the first person prosecuted by the Trump administration on charges of… Continue Reading

NYT: ‘Firefox Is Back. It’s Time to Give It a Try.’

As a decade long user of Firefox I am not sure why users have been so averse to dropping Chrome – perhaps this New York Times review will help you make the switch now: “Tech Review: After testing Firefox for the last three months, I found it to be on a par with Chrome in… Continue Reading

Federal Cybersecurity Risk Determination Report and Action Plan

NextGov: “Many federal agencies don’t know how hackers are targeting them, can’t tell when hackers steal large amounts of their data and aren’t efficiently spending the cybersecurity money they have, according to a report and action plan released last week. Roughly three-quarters of federal agencies’ cybersecurity programs are currently “at risk” or “at high risk,”… Continue Reading

UK – Internet Safety Strategy green paper

“The Internet Safety Strategy looks at how we can ensure Britain is the safest place in the world to be online. The Strategy considers the responsibilities of companies to their users, the use of technical solutions to prevent online harms and government’s role in supporting users. The consultation covered various aspects of online safety including:… Continue Reading

Beginning July 2018 Chrome will mark all HTTP sites as “not secure”

Google Chromium Blog: “For the past several years, we’ve moved toward a more secure web by strongly advocating that sites adopt HTTPS encryption. And within the last year, we’ve also helped users understand that HTTP sites are not secure by gradually marking a larger subset of HTTP pages as “not secure”. Beginning in July 2018… Continue Reading

36 indicted in global cybercrime ring that stole $530M

DOJ: “A federal indictment was unsealed today charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. Following the return of a… Continue Reading

Cybersecurity: Legislation, Hearings, and Executive Branch Documents

CRS – Cybersecurity: Legislation, Hearings, and Executive Branch Documents, Rita Tehan, Information Research Specialist. May 12, 2017. [FAS] “Cybersecurity vulnerabilities challenge governments, businesses, and individuals worldwide. Attacks have been initiated against individuals, corporations, and countries. Targets have included government networks, companies, and political organizations, depending upon whether the attacker was seeking military intelligence, conducting diplomatic… Continue Reading