WSJ reports: Equifax was lobbying lawmakers and federal agencies to ease up on regulation of credit-reporting companies in the months before its massive data breach. Equifax spent at least $500,000 on lobbying Congress and federal regulators in the first half of 2017, according to its congressional lobbying-disclosure reports. Among the issues on which it lobbied was limiting the legal liability of credit-reporting companies. That issue is the subject of a bill that a panel of the House Financial Services Committee, which oversees the industry, discussed the same day Equifax disclosed the cyberattack that exposed personal financial data of as many as 143 million Americans. Equifax has also lobbied Congress and regulatory agencies on issues around "data security and breach notification" and "cybersecurity threat information sharing," according to its lobbying disclosures. The amount Equifax spent in the first half of this year appears to be in line with previous spending. In 2016 and 2015, the company's reports show it spent $1.1 million and $1.02 million, respectively, on lobbying activities. While the company had broadly similar lobbying issues in those years, the liability matter was new in 2017.

Facebook announced on Wednesday that it sold $100,000 worth of ads to inauthentic accounts likely linked to Russia during the election. The ad spending spree took place between June of 2015 and May of 2017, and was associated with roughly 3,000 ads. CNET reports: "Our analysis suggests these accounts and Pages were affiliated with one another and likely operated out of Russia," Alex Stamos, Facebook's chief security officer, wrote in a blog post. Facebook said it's continuing to investigate the issue and reported its findings to U.S. authorities.

Most of the ads and accounts didn't have to explicitly do with the election or either of the then-candidates, Hillary Clinton and Donald Trump. Instead, they were focused on divisive political topics, including LGBT issues, immigration and gun rights.

The Trump administration said on Tuesday it plans to scrap a program that allows about 800,000 undocumented immigrants who came to the US as children to stay and work in the country, shrugging off criticism from within the president's own party and prominent business figures. From a report: The Trump administration is essentially leaving Congress a six-month window of time to try to save it. The legal shield is known as Deferred Action for Childhood Arrivals, or DACA, and since its enactment in 2012, it has allowed roughly 800,000 undocumented young adults to live in the United States and obtain work authorizations every two years. [...] In practice, implementation is complicated. Those previously approved under DACA, with the permission to work in the United States, can continue to work without interruption until those approvals expire. And those who have already applied for protection or are seeking renewals will still have their applications considered by the U.S. government. For those whose permits are set to expire before March 5, 2018, though, the U.S. government will also allow them to renew their DACA status -- provided their applications are received before Oct. 5, 2017. Currently, there are about 201,000 young adults whose authorizations are set to expire this year, officials at the Department of Homeland Security explained Tuesday.

Tech giants like Apple, Facebook and Google are no doubt going to blast the Trump administration's decision: Last week, those executives joined more than 400 other business leaders in calling on the president to preserve DACA. Apple CEO Tim Cook, who previously (and privately) pressed Trump on the issue, said on Sunday that 250 of his "co-workers" would be affected by the change. Microsoft indicated that about 27 workers spanning fields like finance and sales would be hurt from Trump's move. Zuckerberg said, "This is a sad day for our country. The decision to end DACA is not just wrong. It is particularly cruel to offer young people the American Dream, encourage them to come out of the shadows and trust our government, and then punish them for it."

An anonymous reader quotes a report from Ars Technica: President Donald Trump has selected Andrei Iancu, the managing partner of a major Los Angeles law firm, to be the next head of the U.S. Patent and Trademark Office. Iancu has been a partner at Irell & Manella since 2004 and was an associate at the firm for five years earlier. His most notable work in the tech sector is likely his representation of TiVo Corp. in its long-running patent battles with companies like EchoStar, Motorola, Microsoft, Verizon, and Cisco. TiVo ultimately succeeded in compelling those defendants to pay up for its pioneering DVR patents, and payments to TiVo ultimately totaled more than $1.6 billion, according to Iancu's biography page. Iancu also had a hand in Immersion Corp.'s $82 million jury verdict against Sony Computer Entertainment, in which a jury found that Immersion's patent claims on tactile feedback technology were valid and infringed. Those big wins aside, most of Iancu's work has been on the defense side. He's represented eBay in a case against Acacia Research Corp., a large, publicly traded non-practicing entity, and he worked for Hewlett-Packard when it defended against Xerox patent claims. He's also worked in the medical device area, enforcing patents for St. Jude Medical on vascular closure devices.

itwbennett writes: As previously reported on Slashdot, U.S. intelligence agencies have warned against using Kaspersky software amid swirling rumors of ties between Kaspersky Lab executives and the Russian government. White House cybersecurity coordinator Rob Joyce this week advised against consumer use of Kaspersky software. This may be good politics, but CSOonline's Fahmida Rashid warns that it's bad infosec. 'If the government has any evidence -- or even compelling reasons for being suspicious -- it should be sharing that, because many companies and consumers rely on Kaspersky Lab products. The fact that the government hasn't done so makes it likely this is all just geo politics,' writes Rashid. 'There is enough FUD in the market without throwing in politics into decision-making. Organizations should focus on deploying the technology which best addresses their needs.'

According to Reuters, a D.C. Superior Court judge on Thursday approved a government warrant seeking data from an anti-Trump website related to Inauguration Day protests, but he added protections to safeguard "innocent users." From the report: Chief Judge Robert Morin said DreamHost, a Los Angeles-based web-hosting company, must turn over data about visitors to the website disruptj20.org, which is a home to political activists who organized protests at the time of Donald Trump's inauguration as U.S. president in January. Morin, who will oversee review of the data, said the government must explain what protocols it will use to make sure prosecutors do not seize the data of "innocent users." Morin said at a hearing on Thursday that he recognized the tension between free speech rights and law enforcement's need to search digital records for evidence. He said he added safeguards to his order granting the government's request for information in an effort to balance those two concerns. Besides reviewing the prosecutors' privacy protocols, Morin also shortened the time frame for records to those generated from October to Inauguration Day and instructed the prosecutors to explain why anything they want to seize is germane to the investigation.

After issuing a warrant to DreamHost for "all files" related to an anti-trump website, the Justice Department says it's scaling back a demand for information from hosting service DreamHost. The Verge reports: In a legal filing today, the Justice Department argues that the warrant was proper, but also says DreamHost has since brought up information that was previously "unknown." In light of that, it has offered to carve out information demanded in the warrant, specifically pledging to not request information like HTTP logs tied to IP addresses. The department says it is only looking for information related to criminal activity on the site, and says that "the government is focused on the use of the Website to organize, to plan, and to effect a criminal act -- that is, a riot." Peaceful protestors, the government argues, are not the targets of the warrant. The filing asks the court to proceed with the new, less burdensome request, which, apart from the carved-out sections, still requests "all records or other information, pertaining to the Account, including all files, databases, and database records stored by DreamHost in relation to that Account." It's unclear if DreamHost will continue to fight the new demand.

wiredmikey quotes a report from SecurityWeek: President Donald Trump has ordered the U.S. military to elevate its cyber warfare operations to a separate command, signaling a new strategic emphasis on electronic and online offensive and defensive operations. "I have directed that United States Cyber Command be elevated to the status of a Unified Combatant Command focused on cyberspace operations," Trump said in a statement Friday. The move would expand the number of the Defense Department's unified combatant commands to 10, putting cyber warfare on an equal footing with the Strategic Command, the Special Operations Command, and regional commands. Until now cyber warfare operations have been run under the umbrella of the National Security Agency, the country's main electronic spying agency, with Admiral Michael Rogers heading both.

AmiMoJo shares a report from Ars Technica: When right-wing trolls and outright racists get kicked off of Twitter, they often move to Gab, a right-wing Twitter competitor. Gab was founded by Andrew Torba, who says it's devoted to unfettered free expression online. The site also hosts controversial right-wing figures like Milo Yiannopoulos, Andrew 'weev' Auernheimer and Andrew Anglin, editor of the neo-Nazi site Daily Stormer. On Thursday, Gab said that Google had banned its Android app from the Google Play Store for violating Google's ban on hate speech. The app's main competitor, Twitter, hosts accounts like the American Nazi Party, the Ku Klux Klan, and the virulently anti-gay Westboro Baptist Church, yet the Twitter app is still available on the Google Play store. Apple has long had more restrictive app store policies, and it originally rejected the Gab app for allowing pornographic content to be posted on the service -- despite the fact that hardcore pornography is readily available on Twitter. In an email to Ars, Google explained its decision to remove Gab from the Play Store: "In order to be on the Play Store, social networking apps need to demonstrate a sufficient level of moderation, including for content that encourages violence and advocates hate against groups of people. This is a long-standing rule and clearly stated in our developer policies. Developers always have the opportunity to appeal a suspension and may have their apps reinstated if they've addressed the policy violations and are compliant with our Developer Program Policies."

President Donald Trump's chief strategist Steve Bannon left his position on Friday (alternative source) as the newly minted chief of staff John Kelly sought to bring order to a White House riven by infighting and power struggles, more than a dozen news outlets report. Maggie Haberman, reporting for The New York Times: The president and senior White House officials were debating when and how to dismiss Mr. Bannon. The two administration officials cautioned that Mr. Trump is known to be averse to confrontation within his inner circle, and could decide to keep on Mr. Bannon for some time. As of Friday morning, the two men were still discussing Mr. Bannon's future, the officials said. A person close to Mr. Bannon insisted the parting of ways was his idea, and that he had submitted his resignation to the president on Aug. 7, to be announced at the start of this week, but the move was delayed after the racial unrest in Charlottesville, Va.

schwit1 shares a report from The Hill: A hacker in Ukraine who goes by the online alias "Profexer" is cooperating with the FBI in its investigation of Russian interference in the U.S. presidential election, The New York Times is reporting. Profexer, whose real identity is unknown, wrote and sold malware on the dark web. The intelligence community publicly identified code he had written as a tool used in the hacking of the Democratic National Committee ahead of last year's presidential election. The hacker's activity on the web came to a halt shortly after the malware was identified. The New York Times, citing Ukrainian police, reported Wednesday that the individual turned himself into the FBI earlier this year and became a witness for the bureau in its investigation. FBI investigators are probing Russian interference efforts and whether there was coordination between associates of President Trump's campaign and Moscow. Special counsel Robert Mueller is heading the investigation.

Over a dozen anonymous readers share a similar report: Two White House advisory councils that once included tech leaders like Elon Musk and Travis Kalanick have dissolved, after several members resigned over President Donald Trump's weak condemnation of white supremacists. A member of the Strategic and Policy Forum told CNBC that it wanted to make a "more significant impact" by disbanding the entire group: "It makes a central point that it's not going to go forward. It's done." Soon after, Trump took credit for shutting down both that group and a separate Manufacturing Council, "rather than putting pressure on the businesspeople." The councils' members came from a range of industries, including several major Silicon Valley companies. Besides Musk and Kalanick, executives from Intel, IBM, and Dell had joined. It's been controversial from the start -- Musk and Kalanick both left months ago -- but a major exodus started this week, after Trump issued a vague statement blaming "many sides" for violence at a white supremacist rally that left one woman dead. Intel CEO Brian Krzanich resigned on Monday, saying that politics had "sidelined the important mission of rebuilding America's manufacturing base." Axios has more details.

Ina Fried, writing for Axios: Intel said Monday that CEO Brian Krzanich was leaving President Trump's American Manufacturing Council, the latest executive to distance himself from the president following the weekend's events in Virginia. In a blog post, Krzanich said that the decline in American manufacturing remains a serious issue, but said that "politics and political agendas have sidelined the important mission of rebuilding America's manufacturing base. I resigned to call attention to the serious harm our divided political climate is causing to critical issues, including the serious need to address the decline of American manufacturing," Krzanich said in a blog post. "Politics and political agendas have sidelined the important mission of rebuilding America's manufacturing base."

An anonymous reader quotes a report from Ars Technica: The administration of President Donald Trump is scoffing at a lawsuit by Twitter users who claim in a federal lawsuit that their constitutional rights are being violated because the president has blocked them from his @realDonaldTrump Twitter handle. "It would send the First Amendment deep into uncharted waters to hold that a president's choices about whom to follow, and whom to block, on Twitter -- a privately run website that, as a central feature of its social-media platform, enables all users to block particular individuals from viewing posts -- violate the Constitution." That's part of what Michael Baer, a Justice Department attorney, wrote to the New York federal judge overseeing the lawsuit Friday. In addition, the Justice Department said the courts are powerless to tell Trump how he can manage his private Twitter handle, which has 35.8 million followers.

"To the extent that the President's management of his Twitter account constitutes state action, it is unquestionably action that lies within his discretion as Chief Executive; it is therefore outside the scope of judicial enforcement," Baer wrote. (PDF) Baer added that an order telling Trump how to manage his Twitter feed "would raise profound separation-of-powers concerns by intruding directly into the president's chosen means of communicating to millions of Americans."

An anonymous reader quotes a report from Ars Technica: A Russian government-sponsored group accused of hacking the Democratic National Committee last year has likely been infecting other targets of interest with the help of a potent Windows exploit developed by, and later stolen from, the National Security Agency, researchers said Friday. Eternal Blue, as the exploit is code-named, is one of scores of advanced NSA attacks that have been released over the past year by a mysterious group calling itself the Shadow Brokers. It was published in April in the group's most damaging release to date. Its ability to spread from computer to computer without any user action was the engine that allowed the WCry ransomware worm, which appropriated the leaked exploit, to shut down computers worldwide in May. Eternal Blue also played a role in the spread of NotPetya, a follow-on worm that caused major disruptions in June. Now, researchers at security firm FireEye say they're moderately confident the Russian hacking group known as Fancy Bear, APT 28, and other names has also used Eternal Blue, this time in a campaign that targeted people of interest as they connected to hotel Wi-Fi networks. In July, the campaign started using Eternal Blue to spread from computer to computer inside various staff and guest networks, company researchers Lindsay Smith and Ben Read wrote in a blog post. While the researchers didn't directly observe those attacks being used to infect guest computers connected to the network, they said a related campaign from last year used the control of hotel Wi-Fi services to obtain login credentials from guest devices.

An anonymous reader quotes a report from The Verge: You'll have two extra weeks to file your thoughts with the FCC on its plan to get rid of net neutrality. The proposal's comment period was originally scheduled to end next week, on August 16th, but the commission just pushed the date out to August 30th. The extension was granted in response to 10 groups asking for more time to respond. They had been looking for an additional eight weeks, but the commission said an additional two weeks would be more in line with the type of extensions granted in the past. The commission didn't signal that disruptions to its filing system, caused by an apparent DDOS attack, factored into the decision at all. Granting a two week extension gives people more time to file "reply comments," which are meant to respond to what people filed during the first phase of the comment period, which closed in July. That comment period had been much longer than usual, because the commission released the proposal a month before it was voted on.

An anonymous reader shares an excerpt from a report via Ars Technica: Americans might not need a fast home Internet connection, the Federal Communications Commission suggests in a new document. Instead, mobile Internet via a smartphone might be all people need. The suggestion comes in the FCC's annual inquiry into broadband availability. Section 706 of the Telecommunications Act requires the FCC to determine whether broadband (or more formally, "advanced telecommunications capability") is being deployed to all Americans in a reasonable and timely fashion. If the FCC finds that broadband isn't being deployed quickly enough to everyone, it is required by law to "take immediate action to accelerate deployment of such capability by removing barriers to infrastructure investment and by promoting competition in the telecommunications market."

The FCC found during George W. Bush's presidency that fast Internet service was being deployed in a reasonable and timely fashion. But during the Obama administration, the FCC determined repeatedly that broadband isn't reaching Americans fast enough, pointing in particular to lagging deployment in rural areas. These analyses did not consider mobile broadband to be a full replacement for a home (or "fixed") Internet connection via cable, fiber, or some other technology. Last year, the FCC updated its analysis with a conclusion that Americans need home and mobile access. Because home Internet connections and smartphones have different capabilities and limitations, Americans should have access to both instead of just one or the other, the FCC concluded under then-Chairman Tom Wheeler. The report goes on to add that with Republican Ajit Pai as chairman of the FCC, "the FCC seems poised to change that policy by declaring that mobile broadband with speeds of 10Mbps downstream and 1Mbps upstream is all one needs." Furthermore, "In doing so, the FCC could conclude that broadband is already being deployed to all Americans in a reasonable and timely fashion, and thus the organization would take fewer steps to promote deployment and competition."

An anonymous reader shares a report from The New York Times (Warning: source may be paywalled; alternative source): The average temperature in the United States has risen rapidly and drastically since 1980, and recent decades have been the warmest of the past 1,500 years, according to a sweeping federal climate change report awaiting approval by the Trump administration. The draft report by scientists from 13 federal agencies, which has not yet been made public, concludes that Americans are feeling the effects of climate change right now. It directly contradicts claims by President Trump and members of his cabinet who say that the human contribution to climate change is uncertain, and that the ability to predict the effects is limited. "Evidence for a changing climate abounds, from the top of the atmosphere to the depths of the oceans," a draft of the report states. A copy of it was obtained by The New York Times. The authors note that thousands of studies, conducted by tens of thousands of scientists, have documented climate changes on land and in the air. "Many lines of evidence demonstrate that human activities, especially emissions of greenhouse (heat-trapping) gases, are primarily responsible for recent observed climate change," they wrote. The report was completed this year and is a special science section of the National Climate Assessment, which is congressionally mandated every four years. The National Academy of Sciences has signed off on the draft report, and the authors are awaiting permission from the Trump administration to release it. "The report concludes that even if humans immediately stopped emitting greenhouse gases into the atmosphere, the world would still feel at least an additional 0.50 degrees Fahrenheit (0.30 degrees Celsius) of warming over this century compared with today," reports The New York Times. "The projected actual rise, scientists say, will be as much as 2 degrees Celsius." Given the Trump administration's stance on climate change, some of the scientists who worked on the report are concerned that the report will be suppressed.

chicksdaddy writes: Do you think that shadowy Russian hackers are the biggest threat to the integrity of U.S. elections? Think again. It turns out the bad actors in U.S. elections may be a lot more "Senator Bedfellow" than "Fancy Bear," according to Bev Harris, the founder of Black Box Voting. "It's money," Harris told The Security Ledger. "There's one federal election every four years, but there are about 100,000 local elections which control hundreds of billions of dollars in contract signings." Those range from waste disposal and sanitation to transportation."There are 1,000 convictions every year for public corruption," Harris says, citing Department of Justice statistics. "Its really not something that's even rare in the United States." We just don't think that corruption is a problem, because we rarely see it manifested in the ways that most people associate with public corruption, like violence or having to pay bribes to receive promised services, Harris said. But it's still there.

How does the prevalence of public corruption touch election security? Exactly in the way you might think. "You don't know at any given time if the people handling your votes are honest or not," Harris said. "But you shouldn't have to guess. There should be a way to check." And in the decentralized, poorly monitored U.S. elections system, there often isn't. At the root of our current problem isn't (just) vulnerable equipment, it's also a shoddy "chain of custody" around votes, says Eric Hodge, the director of consulting at Cyber Scout, which is working with the Board of Elections in Kentucky and in other states to help secure elections systems. That includes where and how votes are collected, how they are moved and tabulated and then how they are handled after the fact, should citizens or officials want to review the results of an election. That lack of transparency leaves the election system vulnerable to manipulation and fraud, Harris and Hodge argue.

An anonymous reader quotes TechCrunch's newest update on the FCC's attempt to gut net neutrality protections: 10 Representatives who helped craft the law governing the FCC itself have submitted an official comment on the proposal ruthlessly dismantling it... The FCC is well within its rights to interpret the law, and it doesn't have to listen to contrary comments from the likes of you and me. It does, however, have to listen to Congress -- "congressional intent" is a huge factor in determining whether an interpretation of the law is reasonable. And in the comment they've just filed, Representatives Pallon, Doyle et al. make it very clear that their intent was and remains very different from how the FCC has chosen to represent it.

"The law directs the FCC to look at ISP services as distinct from those services that ride over the networks. The FCC's proposal contravenes our intent... While some may argue that this distinction should be abandoned because of changes in today's market, that choice is not the FCC's to make. The decision remains squarely with those of us in Congress -- and we have repeatedly chosen to leave the law as it is."
In another letter Thursday, 15 Congressmen asked FCC Chairman Ajit Pai to extend the time period for comments. They note the proposed changes have received more than 16 million comments, more than four times the number of comments on any previous FCC item. The Hill reports that the previous record was 4 million comments -- during the FCC's last net neutrality proceeding in 2014 -- and "the lawmakers also noted that the comment period for approving net neutrality in 2014 was 60 days. Pai has only allowed a 30-day comment period for his plan to rollback the rules."