The Last HITB Security Conference in Malaysia

Hands-on Technical Trainings - 13th & 14th October

Triple-Track Conference - 15th & 16th October


Capture the Flag - 15th & 16th October

HackWEEKDAY - 15th & 16th October

CommSec Village - 15th & 16th October


Insiders who have valid credentials to access confidential info cannot be charged under US anti-hacking law

A ruling handed up this week in a US appeals court found staff who violate their organisation's user policies do not violate the federal Computer Fraud and Abuse Act (CFAA).

David Kosal, a former manager at executive search firm Korn/Ferry, beat charges that he convinced three of his former co-workers to use their valid login credentials to access and download customer lists and then transfer them to him so he could start a competing company.

While staff were prohibited from disclosing private information under their company policy, Kosal filed a motion to have five counts including "aiding and abetting" and "intent to defraud" dismissed.