Huge news. The Feds won’t use the CFAA to go after security researchers, pinky promise! Very important caveat. The EFF is all over it. https://arxiv.org/abs/2205.07759 There are so many problems with this paper I’m not sure where to start. I guess I’ll start with the conclusion: they are correct. Many APTs use public vulnerabilities rather than 0day.
May 20, 2022
May 20, 2022
May 20, 2022
Huge news. The Feds won’t use the CFAA to go after security researchers, pinky promise! Very important caveat. The EFF is all over it. https://arxiv.org/abs/2205.07759 There are so many problems with this paper I’m not sure where to start. I guess I’ll start with the conclusion: they are correct. Many APTs use public vulnerabilities rather than 0day.