惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

量子位
云风的 BLOG
云风的 BLOG
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
The Hacker News
The Hacker News
Martin Fowler
Martin Fowler
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
U
Unit 42
F
Full Disclosure
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Recorded Future
Recorded Future
Security Archives - TechRepublic
Security Archives - TechRepublic
阮一峰的网络日志
阮一峰的网络日志
T
Threatpost
P
Privacy International News Feed
GbyAI
GbyAI
Stack Overflow Blog
Stack Overflow Blog
MongoDB | Blog
MongoDB | Blog
I
Intezer
Recent Announcements
Recent Announcements
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
P
Privacy & Cybersecurity Law Blog
A
Arctic Wolf
博客园 - 聂微东
博客园 - 叶小钗
Cisco Talos Blog
Cisco Talos Blog
H
Help Net Security
S
Schneier on Security
Y
Y Combinator Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
The Exploit Database - CXSecurity.com
T
Tor Project blog
月光博客
月光博客
NISL@THU
NISL@THU
A
About on SuperTechFans
Spread Privacy
Spread Privacy
Blog — PlanetScale
Blog — PlanetScale
D
DataBreaches.Net
雷峰网
雷峰网
C
CXSECURITY Database RSS Feed - CXSecurity.com
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
博客园 - 【当耐特】
G
Google Developers Blog
W
WeLiveSecurity
P
Palo Alto Networks Blog
The Last Watchdog
The Last Watchdog
K
Kaspersky official blog
博客园 - 司徒正美
L
LINUX DO - 热门话题
小众软件
小众软件

The Register - Security: CSO

Anthropic's Mythos has The Kettle crew curious, skeptical 'People's Panel' to check if UK wants controversial Digital ID will cost £630K Top npm package backdoored to drop dirty RAT on dev machines Lightning-fast exploits mean patch fast, says Cisco Talos Lightning-fast exploits mean patch fast, says Cisco Talos Smooth criminals talking their way into cloud environments, Google says Cybercrime up 245% since the start of the Iran war Scattered Lapsus$ Hunters seeks women to defraud helpdesks Every day in every way, passwords are getting worse CISA quietly updated ransomware flags on 59 flaws last year Deepfake job seeker applied to work for an AI security firm Deepfake job seeker applied to work for an AI security firm AI-powered cyberattack kits are 'just a matter of time' AI-powered cyberattack kits are 'just a matter of time' FortiGate SSO bug still exploitable despite December patch FortiGate SSO bug still exploitable despite December patch Judge tosses CrowdStrike shareholder suit over 2024 outage DRAM shortage may drive firewall prices higher: analysts Ransomware attacks kept climbing in 2025 as gangs refused to stay dead Around 1,000 systems compromised in ransomware attack on Romanian water agency 1,000 systems pwned in Romanian Waters ransomware attack Half of exposed React servers remain unpatched amid attacks CISA warns spyware crews are breaking into Signal and WhatsApp accounts CISA orders feds to patch Oracle Identity Manager zero-day SEC drops SolarWinds lawsuit that painted a target on CISOs everywhere SEC bails on SolarWinds lawsuit Palo Alto kit sees massive surge in malicious activity amid mystery traffic flood Palo Alto kit sees massive surge in malicious activity Countries use cyber targeting to plan strikes: Amazon CSO Overconfidence is the new zero-day as teams stumble through cyber simulations UK's Cyber Security and Resilience Bill makes Parliamentary debut Cyber insurers paid out over twice as much for UK ransomware attacks last year Cyberpunks mess with Canada's water, energy, and farm systems Trump's workforce cuts blamed as America's cyber edge dulls Feds flag active exploitation of patched Windows SMB vuln How malware vaccines could stop ransomware's rampage Salesforce refuses to pay ransomware crims' extortion demand Germany slams brakes on EU's Chat Control snoopfest Germany slams brakes on EU's Chat Control snoopfest Employees regularly paste company secrets into ChatGPT Oracle tells Clop-targeted EBS users to apply July patch Red Hat repos raided, claims cybercrew, files stolen Suspected Chinese spies broke into 'numerous' enterprises UK gov acknowledges 'strong case' for JLR financial support JLR extends shutdown – again – as toll on workers laid bare UK chancellor blames cyberattacks on Russia despite evidence Fortra discloses 10/10 severity bug in GoAnywhere MFT Entra ID bug could have granted access to every tenant UEFI Secure Boot for Linux Arm64 – where do we stand? JLR says cyber cleanup to take additional week Insider blamed for FinWise data breach affecting nearly 700K Nork snoops whip up fake military ID with help from ChatGPT UK government dragged for incomplete security reforms Church of England abuse victims exposed by lawyer's email US spy chief claims UK backdown on Apple backdoor demand Workday confirms CRM breach via social engineering Black Hat/DEF CON: AI more useful for defense than hacking Ex-White House cyber guru talks Microsoft security fails CISA releases malware analysis for Sharepoint Server attack China: US spies used Microsoft Exchange 0-day to steal info Security pros drowning in threat-intel data Identity attacks surge 156% as phishermen get craftier Organizations can’t keep up with supply chain security musts Amazon CISO: Iranian hacking crews ‘on high alert’ UK data watchdog fines 23andMe £2.3M over 2023 breach Employers are demanding too much from junior cyber recruits FCA warned four staffers who pocketed regulator data Ransomware just wrecked your network – now what? Ivanti RCE attacks 'ongoing,' exploitation hits clouds Ex-NSA listened to Scattered Spider's calls: 'They're good' Snowflake CISO talks lessons learned from breaches, improv Why CVSS is failing us and what we can do about it Infosec pros still aren't nailing the basics of AI security Ransomware crims targeting systems between IT and operations Why aggregating asset inventory leads to better security NCSC and industry at odds over how to tackle shoddy software Powerschool extortionists may not have deleted stolen data CrowdStrike trims workforce by 5 percent, aims to rely on AI NSO Group must pay Meta $168M in WhatsApp spy case Ghost in the shell script: Boffins seek code correctness How Intruder finds what others miss in cloud security Linux malware can avoid syscall-based endpoint protection Infosec pro blabs about alleged malware mishap on LinkedIn The future of AI in cybersecurity in a word – optimistic CVE board 'kept in the dark' on funding, members say Security snafus caused by third parties up from 15% to 30% Blue Shield shared 4.7M people's health info with Google Ads Who needs phishing when your login's already in the wild? US cyber defenses are being dismantled from the inside Bug hunter obtains an SSL cert for Alibaba Cloud in 5 steps
FCC guts Salt Typhoon telco rules despite espionage risk
Carly Page Carly Page · 2025-11-24 · via The Register - Security: CSO

CSO

Months after China-linked spies burrowed into US networks, regulator tears up its own response

The Federal Communications Commission (FCC) has scrapped a set of telecom cybersecurity rules introduced after the Salt Typhoon espionage campaign, reversing course on measures designed to stop state-backed snoops from slipping back into America's networks.

In a 2-1 vote last week, the agency revoked the January Declaratory Ruling that had sought to force carriers to lock down their systems under the Communications Assistance for Law Enforcement Act (CALEA).

That earlier move, introduced in the aftermath of the China-linked Salt Typhoon intrusions, was meant to harden networks used for lawful intercept and other sensitive functions. But the FCC now says the whole thing was "unlawful and ineffective," and has torn up both the ruling and the Notice of Proposed Rulemaking that rode in with it.

The rollback follows what the Commission describes as months of "extensive, urgent, and coordinated" cooperation from carriers following the Salt Typhoon discovery. In its announcement [PDF], the FCC claims that providers have already stepped up access controls, improved incident response, and generally become more attentive to cyber risks – less thanks to the rule itself and more due to what the agency frames as a voluntary clean-up effort after the intrusions.

This marks a notable pivot from the mood earlier this year, when Salt Typhoon was revealed to have burrowed into multiple US telecom companies and lingered inside key systems. As The Register reported at the time, the Chinese state-backed espionage crew gained access not just to standard network management gear but also to parts of the lawful intercept stack – systems that are supposed to be the most tightly controlled parts of a carrier's infrastructure.

The January ruling was sold as a necessary response to that fiasco: a baseline set of obligations to stop foreign intelligence services waltzing through carrier defenses.

Fast-forward to November, the Commission's new leadership has instead opted to yank those obligations entirely. Chairman Brendan Carr and Commissioner Olivia Trusty approved the reversal, arguing that the previous order strayed beyond the statute and imposed rigid, impractical mandates.

Commissioner Anna Gomez dissented, issuing a separate statement [PDF] warning that abandoning enforceable requirements would leave the country less secure at a time when hostile states are visibly probing and exploiting telecom networks.

"When the next breach occurs, there will be no standards to measure compliance and no mechanism for determining which safeguards should have been in place," Gomez said. "That is governing by hope rather than by duty, and the American public deserves better."

The Electronic Privacy Information Center (EPIC) has also spoken out against the gutting of the rules, arguing that the FCC is attempting "to create a sort of safe harbor for insecure cybersecurity practices."

The FCC insists it's not stepping back from cybersecurity, just taking a more "agile" approach. It points to targeted rules adopted elsewhere, such as the requirement for submarine cable licensees to maintain cyber-risk management plans, and to its newly established Council on National Security, tasked with coordinating with federal partners on threats ranging from espionage to supply-chain compromise.

Still, the contrast is hard to miss. After Salt Typhoon showed how easily a determined state actor could compromise carrier systems, the Commission appeared ready in January to impose clear minimum standards. Now the agency is pivoting back to informal cooperation, effectively trusting the same carriers that were infiltrated for years to police themselves without the threat of formal compliance checks.

The announcement repeatedly references improved cybersecurity practices across the sector since the intrusions came to light. But the FCC offers no detail on how those improvements will be monitored or enforced without the framework it just torched. Smaller carriers, in particular, may struggle to maintain the same defensive posture as larger operators, a key argument in favor of setting universal baselines following the Salt Typhoon revelations.

For now, the official line is that voluntary cooperation will keep the nation's communications backbone safe. But Salt Typhoon demonstrated that determined state-sponsored crews are already sitting within some of those networks – and that they're willing to exploit any oversight gap. Whether industry goodwill is enough to stop the next one is, once again, an open question. ®