Rep. Tom Graves has revised a draft of the Active Cyber Defense Certainty Act with new provisions that include mandatory notification and permission to recovery or destroy stolen data on the attacker’s computer.

Mike Mimoso and Chris Brook discuss the news of the week including a rash of new IP camera backdoors, James Comey’s talk at Boston College, hacking back vs. active defense, and the DOJ dropping one of its Playpen cases.

A bill that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences.

A bill that would exclude organizations from prosecution for hacking back is already stirring up some concerns about potential unintended consequences.

A buffer overflow found in the Mirai botnet could eliminate its ability to carry out HTTP flood attacks. But exploiting that vulnerability puts defenders in a gray area with regard to hacking back.

SAN FRANCISCO—Surely all breached organizations consider hacking back as some means of response to being attacked and losing intellectual property. Thankfully there was a room full of lawyers at RSA Conference on Wednesday to remind IT pros of what a colossally bad idea that is. Putting aside the illegality of hacking back for a second,...