Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

DARPA Open Catalog

“Welcome to the DARPA Open Catalog, which contains a curated list of DARPA-sponsored software and peer-reviewed publications. DARPA sponsors fundamental and applied research in a variety of areas including data science, cyber, anomaly detection, etc., that may lead to experimental results and reusable technology designed to benefit multiple government domains. The DARPA Open Catalog organizes publicly releasable material from DARPA programs. DARPA has an open strategy to help increase the impact of government investments. DARPA is interested in building communities around government-funded research. DARPA plans to continue to make available information generated by DARPA programs, including software, publications, data, and experimental results. The table on this page lists the programs currently participating in the catalog.”

2014 Cost of Data Breach: Global Analysis

News release: “Throughout the world, companies are finding that data breaches have become as common as a cold but far more expensive to treat. With the exception of Germany, companies had to spend more on their investigations, notification and response when their sensitive and confidential information was lost or stolen. As revealed in the 2014Continue Reading

High level hacking of US financial system linked to Russia as FBI investigates

Bloomberg: “Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank, an incident the FBI is investigating as a possible retaliation for government-sponsored sanctions, according to two people familiar with the probe. The attack resulted in the loss of gigabytes of sensitive data,Continue Reading

IBM X-Force Threat Intelligence Quarterly, 3Q 2014

Get a closer look at Heartbleed—from the latest attack activity to mitigation strategies - using 2014 mid-year data and ongoing research. IBM, August 2014. “Welcome to the latest quarterly report from the IBM® X-Force® research and development team. In this report, we’ll look at how the Heartbleed vulnerability—CVE-2014-0160, disclosed in April 2014—impacted organizations around the world.Continue Reading

How a Chinese National Gained Access to Arizona’s Terror Center

ProPublica:  The un-vetted computer engineer plugged into law enforcement networks and a database of 5 million Arizona drivers in a possible breach that was kept secret for years. by Ryan Gabrielson, ProPublica and Andrew Becker, Center for Investigative Reporting, August 26, 2014. “LIZHONG FAN’S DESK WAS AMONG A CROWD of cubicles at the Arizona Counter Terrorism InformationContinue Reading

New on LLRX – Four Part Series on Privacy and Data Security Violations

Via LLRX.com – fours new articles by law professor Daniel J. Solove on privacy, data protection and the harm caused by breaches. Privacy and Data Security Violations: What’s the Harm? - Daniel J. Solove is a Law professor at George Washington University Law School, an expert in information privacy law, and founder of TeachPrivacy, a privacy and securityContinue Reading

Backoff: New Point of Sale Malware

“This advisory was prepared in collaboration with the National Cybersecurity and Communications Integration Center (NCCIC), United States Secret Service (USSS), Financial Sector Information Sharingand Analysis Center (FS-ISAC), and Trustwave Spiderlabs, acting under contract with the USSS. The purpose of this release is to provide relevant and actionable technical indicators for network defense. Recent investigations revealedContinue Reading

Paper – TSA device flaws compromise airport security

Via FCW.com: “The cybersecurity vulnerabilities uncovered in a number of the Transportation Security Administration’s electronic security and personnel management devices are part of a growing problem for federal IT managers, according to the expert that discovered and reported the flaws. Billy Rios, director of threat intelligence at Qualys, a large security tech firm, presented a paper in earlyContinue Reading

Consumer advisory: Virtual currencies and what you should know about them

CFPB: “You may have heard about virtual currencies like Bitcoin, XRP, and Dogecoin. But what are virtual currencies? What’s this “to the moon!” business on the internet about? And, as a consumer, what risks should you be aware of? While virtual currencies offer the potential for innovation, a lot of big issues have yet to beContinue Reading

Extensive interview of Edward Snowden – Wired

James Bamford, via Wired: “..Snowden will continue to haunt the US, the unpredictable impact of his actions resonating at home and around the world. The documents themselves, however, are out of his control. Snowden no longer has access to them; he says he didn’t bring them with him to Russia. Copies are now in the handsContinue Reading

Two Factor Auth

Two Factor Auth (2FA): “Two-step verification, abbreviated to TSV (not equal to two step authentication TSA nor to Two-factor authentication, abbreviated to TFA) is a process involving two subsequent but dependent stages to check the identity of an entity trying to access services in a computer or in a network with just one factor or secret,Continue Reading

Developing the Cyber Experts of the future – GCHQ certifies Master’s Degrees in Cyber Security

News release: “The certification of six Master’s degrees in Cyber Security was announced by Rt.Hon Francis Maude, Minister for the Cabinet Office, when he visited GCHQ today. This marks another significant step in the development of the UK’s knowledge, skills and capability in all fields of Cyber Security as part of the National Cyber Security Programme. The National CyberContinue Reading