Lucene search
K

19 matches found

The Hacker News
The Hacker News
added 2021/10/21 7:43 a.m.50 views

U.S. Government Bans Sale of Hacking Tools to Authoritarian Regimes

The U.S. Commerce Department on Wednesday announced new rules barring the sales of hacking software and equipment to authoritarian regimes and potentially facilitate human rights abuse for national security NS and anti-terrorism AT reasons. The mandate, which is set to go into effect in 90 days,...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2016/12/20 3:34 p.m.11 views

Wassenaar Renegotiation Will Be in Trump Administration's Hands

A nearly two-year effort to renegotiate language related to export controls around intrusion software in the Wassenaar Arrangement was rejected earlier this month during the member states’ plenary meeting. This means that the overly broad language in the first draft of the rules, introduced in Ma...

0.1AI score
Exploits0References5
ThreatPost
ThreatPost
added 2016/11/22 8:57 a.m.10 views

DoD Publishes Vulnerability Disclosure Policy

The Department of Defense promised upon the inception of the Hack the Pentagon bug bounty program that it would continue to engage white-hats. Hack the Pentagon set the tone with more than 1,400 participants and 138 vulnerabilities resolved during the 24-day trial during the spring. Two weeks ago...

7AI score
Exploits0References7
ThreatPost
ThreatPost
added 2016/03/01 10:24 a.m.9 views

White House Wants Wassenaar Renegotiation

The White House, lawmakers said yesterday, wants to renegotiate the divisive U.S. implementation of the Wassenaar Arrangement rules as they relate to intrusion software. A draft of the rules was pulled off the table in July by the Commerce Department’s Bureau of Industry and Security BIS followin...

0.7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2016/02/17 9:26 a.m.8 views

Katie Moussouris on the Latest Wassenaar Arrangement Rules

Threatpost editor Mike Mimoso talks to HackerOne chief policy officer Katie Moussouris about the U.S. implementation of the Wassenaar Arrangement rules and where things stand close to seven months after the initial draft was pulled off the table for a rewrite...

1.9AI score
Exploits0
ThreatPost
ThreatPost
added 2016/02/04 3:51 p.m.12 views

Government Promises Comment Period on Next Wassenaar Draft

It’s been months since the U.S. Commerce Department’s Bureau of Industry and Security pulled the U.S. implementation of the Wassenaar Arrangement off the table for an unusual rewrite of the rules governing so-called intrusion software. The overly broad rule drew the ire of security and privacy...

0.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/12/24 9:0 a.m.15 views

Mike Mimoso and Chris Brook Discuss the Threats of 2015

With 2015 more or less in the rear view mirror Mike Mimoso and Chris Brook discuss the year in security: Wassenaar, ransomware, Carbanak and Equation Group,how big of a deal Stagefright was, that Juniper backdoor, and more. Download: tp2015inreview.mp3 Music by Chris Gonsalves...

1.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/09/04 8:30 a.m.12 views

Citing Wassenaar, HP Pulls out of Mobile Pwn2Own

More evidence of the potential chilling effect the Wassenaar Arrangement could have on security research surfaced this week when it was revealed HP has decided not to take part in November’s Mobile Pwn2Own hacking contest in Japan. Dragos Ruiu, who organizes the CanSecWest and PacSecWest...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/08/06 5:26 p.m.13 views

'Prohibition Era' Of Security Research May Be Ahead

LAS VEGAS–Export controls have become a dirty phrase in the security community, especially among researchers, pen testers, and others who rely on vulnerability information and exploits to do their jobs. And if the Wassenaar Arrangement rules proposed by the United States aren’t modified...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/07/31 12:56 p.m.11 views

Government Takes Second Look at US Wassenaar Rules

In spite of self-congratulatory pats on the back from several corners of the security world, this week’s decision from the Commerce Department’s Bureau of Industry and Security BIS to rewrite the proposed U.S. implementation of the Wassenaar Arrangement rules was an expected outcome—albeit an...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2015/07/24 1:29 p.m.84 views

Stakeholders Argue Against Restrictive Wassennaar Proposal

The commenting period regarding the Wassenaar Arrangement expired on Monday but the echo chamber around the largely maligned proposal continues to reverberate. Several stakeholders implicated in the proposal added their voices to that chamber on Friday morning, urging the government to revise...

9.3CVSS8.5AI score0.99945EPSS
Exploits33References11
ThreatPost
ThreatPost
added 2015/07/20 2:38 p.m.12 views

Google Calls Proposed U.S. Wassenaar Rules 'Not Feasible'

As the clock winds down on the comment period for the United States government’s proposed implementation of the Wassenaar Arrangement export controls for intrusion software, Google officials say that the rules would have a “significant negative impact” on security research. The Department of...

0.7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/07/15 11:6 a.m.10 views

Coalition of Security Companies Forms to Oppose Wassenaar Rules

A large group of security companies have formed a coalition to oppose the proposed rules from the Department of Commerce that would regulate the export of so-called intrusion software, a broad term that researchers and legal experts are concerned would limit security research and development. The...

0.1AI score
Exploits0References1
ThreatPost
ThreatPost
added 2015/07/06 2:6 p.m.21 views

UK Student's Research a Wassenaar Casualty

U.S.-based security researchers may soon be championing the case of Grant Wilcox, a young U.K. university student whose work is one of the few publicly reported casualties of the Wassenaar Arrangement. Wilcox last week published his university dissertation, presented earlier this spring for an...

7.3AI score
Exploits0References10
ThreatPost
ThreatPost
added 2015/06/08 1:32 p.m.15 views

Wassenaar, Bug Bounties and Vulnerability Rewards Programs

Bug bounties have gone from novelty to necessity, not only for enterprises looking to take advantage of the skills of an organized pool of vulnerability hunters, but also for a slew of independent researchers who make a living contributing to various vendor and independent bounty and reward...

7AI score
Exploits0References3
ThreatPost
ThreatPost
added 2015/05/27 11:48 a.m.11 views

Security Researchers Publish Comments on Wassenaar Rules

With the two-month comment period for the proposed U.S. Wassenaar Arrangement rules barely under way, a cast of influential security researchers has wasted no time preparing and submitting their thoughts on the controversial proposal. Researchers who seek out vulnerabilities in software—developin...

7.1AI score
Exploits0References7
ThreatPost
ThreatPost
added 2015/05/22 12:19 p.m.8 views

Podcast Discussing the Week's Security, Crypto News

Dennis Fisher and Mike Mimoso talk about the Logjam attack, the proposed Wassenaar export rules on exploits, and the letter to the president decrying crypto back doors. They do not talk about the Mad Men finale. Nor will they ever. Download: digitalunderground204.mp3 Music by Chris Gonsalves...

3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/05/21 12:59 p.m.13 views

Proposed U.S. Wassenaar Rules on Intrusion Software

Two things worth noting from yesterday’s unveiling of the Bureau of Industry and Security’s proposed Wassenaar rules for the U.S. that weren’t so overt: a The U.S. generally leads the way in implementing Wassenaar changes, and this time it’s been beaten by the EU by almost 18 months; and b reques...

7.3AI score
Exploits0References4
ThreatPost
ThreatPost
added 2015/05/20 4:26 p.m.13 views

Researchers Wary of Wassenaar Arrangement Proposed Rules

Professional security researchers concerned about proposed changes to the Computer Fraud and Abuse Act CFAA that include stiff penalties for what today is considered legitimate offensive research, are worried about another impending punch to the gut. The Commerce Department’s Bureau of Industry a...

7.4AI score
Exploits0References2
Rows per page
Query Builder