lemmydev2

Law journal article that looks at the Dual_EC_PRNG backdoor from a US constitutional perspective: Abstract: The National Security Agency (NSA) reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of three theories removed the Fourth Amendment’s requirement that this be reasonable. The first is that a challenge to the encryption backdoor might fail for want of a search or seizure. The Article rejects this both because the Amendment reaches some vulnerabilities apart from the searches and seizures they enable and because the creation of this vulnerability was itself a search or seizure. The second is that the role of the technology companies might have brought this backdoor within the private-search doctrine. The Article criticizes the doctrine­ particularly its origins in Burdeau v. McDowell­and argues that if it ever should apply, it should not here. The last is that the customers might have waived their Fourth Amendment rights under the third-party doctrine. The Article rejects this both because the customers were not on notice of the backdoor and because historical understandings of the Amendment would not have tolerated it. The Article concludes that none of these theories removed the Amendment’s reasonableness requirement...

The sentence is one of the largest handed down to a U.S. national for their role in the North Korean government-linked scheme.

It’s been six months since the EU’s Digital Operational Resilience Act (DORA) came into effect, but a new Censuswide survey shows that nearly all financial services organizations in EMEA still feel unprepared. An overwhelming 96% of respondents said their current level of data resilience isn’t where it needs to be. The survey, which gathered input from senior IT decision-makers in the UK, France, Germany, and the Netherlands, paints a clear picture: financial institutions are still … More → The post Six months into DORA, most financial firms are still not ready appeared first on Help Net Security.

Anyone can buy or collect data, but the goal must be to realize actionable insight relevant to the organization in question.

Aalto University physicists in Finland have set a new benchmark in quantum computing by achieving a record-breaking millisecond coherence in a transmon qubit — nearly doubling prior limits. This development not only opens the door to far more powerful and stable quantum computations but also reduces the burden of error correction.

Good luck getting an appointment with your doctor The AMEOS Group, which runs over 100 hospitals across Europe, has shut down its entire network after crims busted in.…

The Identity Theft Resource Center (ITRC) reports 1,732 publicly disclosed data breaches in H1 2025, marking a 5% increase over the same period in 2024. The ITRC could track a record number of compromises in 2025 if the current data breach trend continues through Q3 and Q4. Data breaches show no signs of slowing in H1 2025 The number of victim notices in H1 2025 (165,745,452) represents only 12% of the victim notices issued by … More → The post Most data breaches have unknown causes as transparency continues to fall appeared first on Help Net Security.

Application-layer attacks have become one of the most common and consequential methods adversaries use to gain access and compromise organizations, according to Contrast Security. These attacks target the custom code, APIs, and logic that power applications, often slipping past detection tools such as Endpoint Detection and Response (EDR) and network-based defenses such as Web Application Firewalls (WAFs). The average application is targeted by attacks more than 14,000 times each month (Source: Contrast Security) Enterprise security’s … More → The post Your app is under attack every 3 minutes appeared first on Help Net Security.

The indie-focused open gaming marketplace Itch.io has abruptly deindexed adult content from its browse and search pages, warning that some games will be permanently removed from the platform. In a blog post on Thursday, Itch.io creator Leaf Corcoran said that the update was due to concerns that the website’s payment processors had “about the nature […]

Investigators assessed that the criminal group’s stolen funds amount to €580,000

Exclusive: The popular "leaking and cracking" forum left one of its databases exposed to the internet without a password, exposing the IP addresses of its users logging in.

Security flaws in Airportr, a door-to-door luggage checking service used by 10 airlines, let hackers access user data and even gain privileges that would have let them redirect or steal luggage.