Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Joint Cmte Report on Risks and Vulnerabilities in EU Financial System

European Banking Authority Report issued May 5, 2015 – completed March 2015 – Joint Committee Report on the Risks and Vulnerabilities in the EU Financial System “Since the August 2014 Joint Committee Report on Risk and Vulnerabilities the risks facing the EU financial system did not substantially change in character, but intensified further. The sameContinue Reading

Ad Injection at Scale: Assessing Deceptive Advertisement Modifications

Google Research Paper – “Today, web injection manifests in many forms, but fundamentally occurs when malicious and unwanted actors tamper directly with browser sessions for their own profit. In this work we illuminate the scope and negative impact of one of these forms, ad injection , in which users have ads imposed on them inContinue Reading

What Every Librarian Needs to Know About HTTPS

EFF – “Librarians have long understood that to provide access to knowledge it is crucial to protect their patrons’ privacy. Books can provide information that is deeply unpopular. As a result, local communities and governments sometimes try to ban the most objectionable ones. Librarians rightly see it as their duty to preserve access to books,Continue Reading

Attacking the Internet using Broadcast Digital Television

From the Aether to the Ethernet – Attacking the Internet using Broadcast Digital Television. Yossef Oren, Angelos D. Keromytis, Columbia University 19th May 2014. “In the attempt to bring modern broadband Internet fea-tures to traditional broadcast television, the Digital Video Broadcasting (DVB) consortium introduced a specification called Hybrid Broadcast-Broadband Television(HbbTV), which allows broadcast streams toContinue Reading

What Is the Internet of Things?

What Is the Internet of Things?, Mike Loukides and Jon Bruner, O’Reilly Media:  “The Internet of Things (IoT) is a blending of software and hardware, introducing intelligence and connectedness to objects and adding physical endpoints to software. Radical changes in the hardware development process have made the IoT—and its vast possibility—accessible to anyone. This report providesContinue Reading

The Spy in the Sandbox – Practical Cache Attacks in Javascript

The Spy in the Sandbox — Practical Cache Attacks in Javascript. Yossef Oren, Vasileios P. Kemerlis, Simha Sethumadhavan, Angelos D. Keromytis (Submitted on 25 Feb 2015 (v1), last revised 1 Mar 2015 (this version, v2)) “We present the first micro-architectural side-channel attack which runs entirely in the browser. In contrast to other works in thisContinue Reading

New GAO Reports – Cybersecurity, Management of Excess Uranium, Homeland Security, Indian Affairs

Cybersecurity: Actions Needed to Address Challenges Facing Federal Systems, GAO-15-573T: Published: Apr 22, 2015. Publicly Released: Apr 22, 2015. Department of Energy: Management of Excess Uranium, GAO-15-475T: Published: Apr 22, 2015. Publicly Released: Apr 22, 2015. Homeland Security Acquisitions: Addressing Gaps in Oversight and Information is Key to Improving Program Outcomes, GAO-15-541T: Published: Apr 22,Continue Reading

Cyber In-securIty II Closing the Federal Talent Gap

Partnership for Public Service and Booz Allen Hamilton – Cyber In-securIty II Closing the Federal Talent Gap, April 2015. “Technology has changed our lives. Individuals can email, text and talk to each other, take pictures, get directions, watch television, control their home appliances, read the news, play games and manage their schedules using a device thatContinue Reading

House Reconsiders Data Breach Bill

EPIC – “Members of the Energy and Commerce Committee have convened to rework the Data Security and Breach Notification Act. The Act, introduced by Reps. Blackburn and Welch, would require businesses to notify consumers of a data breach “unless there is no reasonable risk of identity theft or financial harm.” The bill would also preemptContinue Reading

Verizon 2015 Data Breach Investigations Report

“Verizon’s “2015 Data Breach Investigations Report,” released today, reveals that cyberattacks are becoming increasingly sophisticated, but that many criminals still rely on decades-old techniques such as phishing and hacking. According to this year’s report, the bulk of the cyberattacks (70 percent) use a combination of these techniques and involve a secondary victim, adding complexity toContinue Reading

Financial malware explained

IBM Software Thought Leadership White Paper. Financial malware explained – Explore the lifecycle of fraudulent transactions and how to take action against emerging threats. December 2014. “Financial malware—that is, malicious software designed to enable fraudulent transactions—is a growing concern for line-of- business executives, heads of retail and commercial banking, readers of global compliance operations, andContinue Reading

H.R. 1560, Protecting Cyber Networks Act

“H.R. 1560 would establish within the Office of the Director of National Intelligence (ODNI) a center that would be responsible for analyzing and integrating information from the intelligence community related to cyber threats. In addition, the bill would require the government to establish procedures for sharing information and data on cyber threats between the federalContinue Reading