Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

The Honeymoon Effect and the Role of Legacy Code in Zero-Day Vulnerabilities

Familiarity Breeds Contempt: The Honeymoon Effect and the Role of Legacy Code in Zero-Day Vulnerabilities, by Clark, Fry, Blaze and Smith “Work on security vulnerabilities in software has primarily focused on three points in the software life-cycle: (1) finding and removing software defects, (2) patching or hardening software after vulnerabilities have been discovered, and (3) measuring the rate of

The State of Data Centric Security

News release: ‘Informatica Corporation, the world’s number one independent provider of data integration software, today announced the availability of a new research report by the Ponemon Institute LLC, entitled, The State of Data Centric Security. Based on a global survey of more than 1,500 IT and IT security professionals, the study reveals how organizations understand and respond to

Is Your Android Device Telling the World Where You’ve Been? – EFF

“Do you own an Android device? Is it less than three years old? If so, then when your phone’s screen is off and it’s not connected to a Wi-Fi network, there’s a high risk that it is broadcasting your location history to anyone within Wi-Fi range that wants to listen. This location history comes in the

Digital Life in 2025 – Net Threats

Pew Research Center: “As Internet experts look to the future of the Web, they have a number of concerns. This is not to say they are pessimistic: The majority of respondents to this 2014 Future of the Internet canvassing say they hope that by 2025 there will not be significant changes for the worse and

FTC Releases 2014 Data Security Update, But Enforcement Questions Remain – EPIC

EPIC – “The Federal Trade Commission has released the 2014 Privacy and Data Security Update. The report is “an overview of the FTC’s enforcement, policy initiatives, and consumer outreach and business guidance in the areas of privacy and data security.” In the report, the FTC explains that “If a company violates an FTC order, the FTC

Technology Trends 2014: Inspiring Disruption

CIOs are borrowing from the playbooks of venture capitalists and reshaping how they run the business of IT – by Tom Galizia & Chris Garibaldi “CIOs have historically focused on core delivery and operations with a budget and operating model built around low risk—buying enterprise-class software, building a talent base that could support a well-defined future

The Akamai State of the Internet Report 1Q 2014

“This quarter’s report includes data gathered from across the Akamai Intelligent Platform in the first quarter of 2014, covering attack traffic, Internet connection speeds and broadband adoption, and mobile connectivity, as well as trends seen in this data over time. In addition, this quarter’s report includes insight into NTP reflection & WordPress XML-RPC pingback attacks,

Internet of Things: Connected Home – Survey

“Fortinet® – a global leader in high-performance network security released the results of a global survey that probes home owners about key issues pertaining to the Internet of Things (IoT). Independently administered throughout 11 countries, the survey titled, “Internet of Things: Connected Home,” gives a global perspective about the Internet of Things, what security and

New GAO Reports – Aviation Safety, Export-Import Bank, Medicare Fraud, Traffic Safety

AVIATION SAFETY: Additional Oversight Planning by FAA Could Enhance Safety Risk Management, GAO-14-516: Published: Jun 25, 2014. Publicly Released: Jun 25, 2014. EXPORT-IMPORT BANK: Status of GAO Recommendations on Risk Management, Exposure Forecasting, and Workload Issues, GAO-14-708T: Published: Jun 25, 2014. Publicly Released: Jun 25, 2014. INFORMATION SECURITY: Additional Oversight Needed to Improve Programs at Small Agencies, GAO-14-344: Published: Jun 25, 2014. Publicly Released:

POGO – SSA Not Timely in Revoking Contractor Data Access Privileges

“According to a recent audit report by the Social Security Administration’s (SSA) Inspector General (IG), SSA contractor employees had access to the agency’s information technology (IT) systems even after they stopped working on the contract. The IG found nearly a dozen instances when SSA failed to terminate contractor employees’ privileges to access sensitive data when they left

Federal Appeals Court Releases “Drone Killing” Memo, EPIC Filed Amicus

EPIC – “The Court of Appeals for the Second Circuit today made public the legal analysis justifying the Administration’s controversial “targeted killing” drone program. The action follows an earlier ruling by the federal appeals court in New York Times v. Department of Justice. The government had argued that this memo could not be disclosed under the Freedom of

RAND – An Examination of the Cybersecurity Labor Market

An Examination of the Cybersecurity Labor Market by Martin C. Libicki, David Senty, Julia Pollak “There is a general perception that there is a shortage of cybersecurity professionals within the United States, and a particular shortage of these professionals within the federal government, working on national security as well as intelligence. Shortages of this nature complicate securing the nation’s