CyberSecurityBoard
Sponsor Register Login

Court Charges Programmer for Disclosing Security Flaw Publicly

In a case that ignites the age-old debate between security concerns and ethical hacking, a German court has convicted a programmer who uncovered a critical vulnerability in software developed by Modern Solution.
A freelance IT consultant hired by a client stumbles upon a software vulnerability.
What seems like a routine investigation takes a chilling turn when the programmer discovers a gaping security hole in Modern Solution's software, exposing the confidential data of nearly 700,000 customers.
Compounding the problem are zero-day vulnerabilities like the MOVEit SQLi, Zimbra XSS, and 300+ such vulnerabilities that get discovered each month.
The programmer, acting swiftly, disconnects the leaky connection, but the damage is done.
The prosecution contends the programmer's motives were far from noble.
They argue that the use of a readily available cleartext password denotes malicious intent, painting a picture of deliberate hacking.
They allege the programmer decompiled the software, strengthening their case against a mere accidental discovery.
The programmer's defense paints a starkly different picture.
They argue that their actions were driven by professional responsibility, not criminal intent.
The accidental exposure of the vulnerability, followed by immediate communication with Modern Solution, is presented as evidence of ethical conduct.
The court sides with the prosecution, finding the programmer guilty of violating Germany's 202a hacking law, reads the report.
This verdict, while seemingly definitive, holds a crucial nuance: decompiling the software, though deemed unnecessary for the conviction, remains a suspicious element in the judge's eyes.
The programmer has appealed the verdict, seeking a higher court's reassessment.
This case transcends the confines of a single courtroom, becoming a catalyst for a wider discussion.
Try Kelltron's cost-effective penetration testing services to evaluate digital systems security.


This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 22 Jan 2024 08:05:20 +0000


Cyber News related to Court Charges Programmer for Disclosing Security Flaw Publicly

Court Charges Programmer for Disclosing Security Flaw Publicly - In a case that ignites the age-old debate between security concerns and ethical hacking, a German court has convicted a programmer who uncovered a critical vulnerability in software developed by Modern Solution. A freelance IT consultant hired by a ...
9 months ago Cybersecuritynews.com
2023 Year in Review: The U.S. Supreme Court's Busy Year of Free Speech and Tech Cases - The U.S. Supreme Court has taken an unusually active interest in internet free speech issues. EFF participated as amicus in a whopping nine cases before the court this year. The court decided four of those cases, and decisions in the remaining five ...
10 months ago Eff.org
Hackers breach Australian court hearing database - The court system for Australia's second-most-populated state was hit by a ransomware attack that potentially exposed sensitive recordings of some court hearings. Court Services Victoria, an administrative body that supports the operations of the ...
10 months ago Therecord.media
Records of Crucial Cases May Have Been Compromised by a Cyberattack on Victoria's Court System - An independent expert believes that ransomware was used to assault Victoria's court system and that the attack was coordinated by Russian hackers. According to a representative for Court Services Victoria, hackers gained access to a portion of the ...
10 months ago Cysecurity.news
EFF Helps News Organizations Push Back Against Legal Bullying from Cyber Mercenary Group - For the last several months, there has emerged a campaign of bullying and censorship seeking to wipe out stories about the mercenary hacking campaigns of a less well-known company, Appin Technology, in general, and the company's cofounder, Rajat ...
9 months ago Eff.org
It's Time For Lawmakers to Listen to Courts: Your Law Regulating Online Speech Will Harm Internet Users' Free Speech Rights - Despite a long history of courts ruling that government efforts to regulate speech online harm all internet users and interfere with their First Amendment rights, state and federal lawmakers continue to pass laws that do just that. Three separate ...
4 months ago Eff.org
EFF Continues Fight Against Unconstitutional Geofence and Keyword Search Warrants: 2023 Year in Review - EFF continues to fight back against high-tech general warrants that compel companies to search broad swaths of users' personal data. In 2023, we saw victory and setbacks in a pair of criminal cases that challenged the constitutionality of geofence ...
10 months ago Eff.org
Victoria court recordings exposed in reported ransomware attack - Australia's Court Services Victoria is warning that video recordings of court hearings were exposed after suffering a reported Qilin ransomware attack. CSV is an independent statutory authority that provides services to Victoria's court systems, ...
10 months ago Bleepingcomputer.com
When It Comes to January 6 Lawsuits, a Court Splits Donald Trump in Two - Donald Trump, the president, may well be immune from any civil action for allegedly inciting an attack against the US Capitol on January 6, 2021. The candidate, is not, an appellate court in the District of Columbia says. "When a first-term President ...
11 months ago Wired.com
International Criminal Court systems breached for cyber espionage - The International Criminal Court provided additional information about the cyberattack five weeks ago, saying that it was a targeted operation for espionage purposes. The intergovernmental organization disclosed the breach on September 19, a few days ...
11 months ago Bleepingcomputer.com
Australian Court Service Hacked, Hearing Recordings at Risk - Court cases and tribunals in Australia have been impacted by a cybersecurity incident, with attackers potentially accessing recordings of hearings, according to the Court Services Victoria. The CSV revealed the incident in a statement on January 2, ...
10 months ago Infosecurity-magazine.com
Cyberattackers breach trove of Victoria court recordings The Register - The court system of Victoria, Australia, was subject to a suspected ransomware attack in which audiovisual recordings of court hearings may have been accessed. The incident began on December 8 and attackers may have accessed hearings between November ...
10 months ago Go.theregister.com
LockBit administrator sentenced to almost four years in prison after guilty plea - An administrator for the LockBit ransomware gang has been sentenced to four years in prison after pleading guilty to eight charges in a Canadian court last month. Mikhail Vasiliev, a 34-year-old Canadian-Russian dual national, has been in legal peril ...
8 months ago Therecord.media
Victory: Utah Supreme Court Upholds Right to Refuse to Tell Cops Your Passcode - Last week, the Utah Supreme Court ruled that prosecutors violated a defendant's Fifth Amendment privilege against self incrimination when they presented testimony about his refusal to give police the passcode to his cell phone. This closely tracks ...
11 months ago Eff.org
Victory! Montana's Unprecedented TikTok Ban is Unconstitutional - A federal court on Thursday blocked Montana's effort to ban TikTok from the state, ruling that the law violated users' First Amendment rights to speak and to access information online, and the company's First Amendment rights to select and curate ...
11 months ago Eff.org
EFF Asks Court to Uphold Federal Law That Protects Online Video Viewers' Privacy and Free Expression - As millions of internet users watch videos online for news and entertainment, it is essential to uphold a federal privacy law that protects against the disclosure of everyone's viewing history, EFF argued in court last month. For decades, the Video ...
10 months ago Eff.org
EFF to Ninth Circuit: There's No Software Exception to Traditional Copyright Limits - Copyright's reach is already far too broad, and courts have no business expanding it any further, particularly where that reframing will undermine adversarial interoperability. If a work is derivative, it may infringe the copyright in the preexisting ...
8 months ago Eff.org
CISOs on alert following SEC charges against SolarWinds - While the outcome of the Security and Exchange Commission's complaint against SolarWinds remains to be seen, infosec experts say the charges are likely to have a major impact on the role of the CISO going forward. In late October, the SEC charged ...
10 months ago Techtarget.com
Supreme Court Backs Biden Social Media - US Supreme Court sides with Biden after Republican-led states challenged federal halt of misinformation posts on social media. The Supreme Court on Wednesday sided with the Biden administration in a dispute with Republican-led US states over how far ...
4 months ago Silicon.co.uk
EFF Urges Supreme Court to Set Standard for How Government Can and Can't Talk to Social Media Sites About Censoring Users' Posts - WASHINGTON, DC-The Supreme Court should clarify standards for determining if the government permissibly advised or convinced social media companies to censor content from 2020 to 2022, or impermissibly coerced or threatened sites in violation of the ...
11 months ago Eff.org
Victory! Police Drone Footage is Not Categorically Exempt From California's Public Records Law - Video footage captured by police drones sent in response to 911 calls cannot be kept entirely secret from the public, a California appellate court ruled last week. The police department is the first law enforcement agency in the country to use drones ...
10 months ago Eff.org
No Country Should be Making Speech Rules for the World - It's a simple proposition: no single country should be able to restrict speech across the entire internet. Any other approach invites a swift relay race to the bottom for online expression, giving governments and courts in countries with the weakest ...
6 months ago Eff.org
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)