Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

What Is the Internet of Things?

What Is the Internet of Things?, Mike Loukides and Jon Bruner, O’Reilly Media: “The Internet of Things (IoT) is a blending of software and hardware, introducing intelligence and connectedness to objects and adding physical endpoints to software. Radical changes in the hardware development process have made the IoT—and its vast possibility—accessible to anyone. This report provides a high-level overview of the foundational changes that have enabled the IoT and examines how it’s revolutionizing not just consumer goods and gadgets, but manufacturing, design, engineering, medicine, government, business models, and the way we live our lives.”

The Spy in the Sandbox – Practical Cache Attacks in Javascript

The Spy in the Sandbox — Practical Cache Attacks in Javascript. Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, Angelos D. Keromytis (Submitted on 25 Feb 2015 (v1), last revised 1 Mar 2015 (this version, v2)) “We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in this …

New GAO Reports – Cybersecurity, Management of Excess Uranium, Homeland Security, Indian Affairs

Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems, GAO-15-573T: Published: Apr 22, 2015. Publicly Released: Apr 22, 2015. Department of Energy: Management of Excess Uranium, GAO-15-475T: Published: Apr 22, 2015. Publicly Released: Apr 22, 2015. Homeland Security Acquisitions: Addressing Gaps in Oversight and Information is Key to Improving Program Outcomes, GAO-15-541T: Published: Apr 22, …

Cyber In-Security II: Closing the Federal Talent Gap

Partnership for Public Service and Booz Allen Hamilton – Cyber In-Security II: Closing the Federal Talent Gap, April 2015. “Technology has changed our lives. Individuals can email, text and talk to each other, take pictures, get directions, watch television, control their home appliances, read the news, play games and manage their schedules using a device that …

House Reconsiders Data Breach Bill

EPIC – “Members of the Energy and Commerce Committee have convened to rework the Data Security and Breach Notification Act. The Act, introduced by Reps. Blackburn and Welch, would require businesses to notify consumers of a data breach “unless there is no reasonable risk of identity theft or financial harm.” The bill would also preempt …

Verizon 2015 Data Breach Investigations Report

“Verizon’s “2015 Data Breach Investigations Report,” released today, reveals that cyberattacks are becoming increasingly sophisticated, but that many criminals still rely on decades-old techniques such as phishing and hacking. According to this year’s report, the bulk of the cyberattacks (70 percent) use a combination of these techniques and involve a secondary victim, adding complexity to …

Financial malware explained

IBM Software Thought Leadership White Paper. Financial malware explained – Explore the lifecycle of fraudulent transactions and how to take action against emerging threats. December 2014. “Financial malware—that is, malicious software designed to enable fraudulent transactions—is a growing concern for line-of-business executives, heads of retail and commercial banking, readers of global compliance operations, and …

H.R. 1560, Protecting Cyber Networks Act

“H.R. 1560 would establish within the Office of the Director of National Intelligence (ODNI) a center that would be responsible for analyzing and integrating information from the intelligence community related to cyber threats. In addition, the bill would require the government to establish procedures for sharing information and data on cyber threats between the federal …

Consensus-as-a-service: a brief report on the emergence of permissioned, distributed ledger systems

Via Great Wall of Numbers, this report by Tim Swanson, April 6, 2015 – Highlights: • “Distributed ledgers and cryptocurrency systems are fundamentally different. • The key difference involves how transactions are validated: Bitcoin uses pseudonymous and anonymous nodes to validate transactions whereas distributed ledgers require legal identities – permissioned nodes to validate transactions. • Consequently, distributed ledgers …

New GAO Reports – Indian Housing Block Grant Program, Defense Acquisitions, FDIC Info Security, Tanker Aircraft

Data Use and Regulatory Status of the Indian Housing Block Grant Program, GAO-15-353R: Published: Mar 10, 2015. Publicly Released: Apr 9, 2015. Defense Acquisitions: Assessments of Selected Weapon Programs [Reissued on April 9, 2015], GAO-15-342SP: Published: Mar 12, 2015. Publicly Released: Mar 12, 2015. Information Security: FDIC Implemented Many Controls over Financial Systems, but Opportunities …

Hearts Continue to Bleed – Heartbleed One Year Later

Venafi Labs Analysis: Hearts Continue to Bleed Heartbleed One Year Later – Vast Majority of Global 2000 Organizations Remain Vulnerable to Cyberattacks Executive Summary – “Using the recently released Venafi TrustNet certificate reputation service, the Venafi Labs team re-evaluated SSL/TLS vulnerabilities in Q1 2015 and found that most Global 2000 organizations have failed to completely …

CRS – Cyberwarfare and Cyberterrorism

Cyberwarfare and Cyberterrorism: In Brief, Catherine A. Theohary, Specialist in National Security, Policy and Information Operations. John W. Rollins, Specialist in Terrorism and National Security. March 27, 2015. “Recent incidents have highlighted the lack of consensus internationally on what defines a cyberattack, an act of war in cyberspace, or cyberterrorism. Cyberwar is typically conceptualized as …