Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

National Cyber Security Awareness Month 2014

DHS: “The Internet is part of everyone’s life, every day. We use the Internet at work, home, for enjoyment, and to connect with those close to us. However, being constantly connected brings increased risk of theft, fraud, and abuse. No country, industry, community, or individual is immune to cyber risks. As a nation, we face constantContinue Reading

JPMorgan Chase Says More Than 76 Million Accounts Compromised in Cyberattack

New York Times: “The breach is among the largest corporate hacks, and the latest revelations vastly dwarf earlier estimates that hackers had gained access to roughly 1 million customer accounts.”

Bourne-Again Shell (Bash) Remote Code Execution Vulnerability

“US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and didContinue Reading

Information Sharing Environment: Annual Report to Congress – 2014

“This report is submitted by the Program Manager for the Information Sharing Environment (PM-ISE) on behalf of the President, as required by Section 1016 (h) (2) of the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004, as amended. Accompanying, but distinct from this report, are substantial performance data and links to best practices, lessons learned,Continue Reading

Results of the 2014 Global Privacy Enforcement Network Sweep

“The second Global Privacy Enforcement Network (GPEN) Privacy Sweep demonstrates the ongoing commitment of privacy enforcement authorities to work together to promote privacy protection around the world. Some 26 privacy enforcement authorities in 19 countries participated in the 2014 Sweep, which took place May 12-18. Over the course of the week, participants downloaded 1,211 popular mobile appsContinue Reading

New GAO Reports – Army Corps of Engineers, Bureau of Prisons, CFPB, ID Theft, Oil and Gas Transportation, Affordable Care Act

ARMY CORPS OF ENGINEERS: The Corps Needs to Take Steps to Identify All Projects and Studies Eligible for Deauthorization, GAO-14-699: Published: Aug 21, 2014. Publicly Released: Sep 22, 2014. BUREAU OF PRISONS: Management of New Prison Activations Can Be Improved, GAO-14-709: Published: Aug 22, 2014. Publicly Released: Sep 22, 2014. CONSUMER FINANCIAL PROTECTION BUREAU:Some Privacy and Security Procedures for Data CollectionsContinue Reading

New GAO Reports – Critical Infrastructure Protection, EPA Regs and Electricity

CRITICAL INFRASTRUCTURE PROTECTION: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts, GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014: “DHS is not positioned to manage an integrated and coordinated government-wide approach for assessments as called for in the NIPP because it does not have sufficient information about the assessment tools andContinue Reading

Cyberthreats in past year impact 93% of financial services organizations

“Cyberattacks targeting financial services firms are on the rise, but are these organizations doing enough to protect business and customer data? According to a Kaspersky Lab and B2B International survey of worldwide IT professionals, 93% of financial services organizations experienced various cyberthreats in the past 12 months. And while cyber-attacks targeting financial services firms are on the rise, nearly oneContinue Reading

DARPA Open Catalog

“Welcome to the DARPA Open Catalog, which contains a curated list of DARPA-sponsored software and peer-reviewed publications. DARPA sponsors fundamental and applied research in a variety of areas including data science, cyber, anomaly detection, etc., that may lead to experimental results and reusable technology designed to benefit multiple government domains. The DARPA Open Catalog organizes publiclyContinue Reading

2014 Cost of Data Breach: Global Analysis

News release: “Throughout the world, companies are finding that data breaches have become as common as a cold but far more expensive to treat. With the exception of Germany, companies had to spend more on their investigations, notification and response when their sensitive and confidential information was lost or stolen. As revealed in the 2014Continue Reading

High level hacking of US financial system linked to Russia as FBI investigates

Bloomberg: “Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank, an incident the FBI is investigating as a possible retaliation for government-sponsored sanctions, according to two people familiar with the probe. The attack resulted in the loss of gigabytes of sensitive data,Continue Reading

IBM X-Force Threat Intelligence Quarterly, 3Q 2014

Get a closer look at Heartbleed—from the latest attack activity to mitigation strategies – using 2014 mid-year data and ongoing research. IBM, August 2014. “Welcome to the latest quarterly report from the IBM® X-Force® research and development team. In this report, we’ll look at how the Heartbleed vulnerability—CVE-2014-0160, disclosed in April 2014—impacted organizations around the world.Continue Reading