Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

Alexa and Google Home abused to eavesdrop and phish passwords

ars technica – Amazon- and Google-approved apps turned both voice-controlled devices into “smart spies”. – “By now, the privacy threats posed by Amazon Alexa and Google Home are common knowledge. Workers for both companies routinely listen to audio of users—recordings of which can be kept forever—and the sounds the devices capture can be used in criminal trials. Now, there’s a new concern: malicious apps developed by third parties and hosted by Amazon or Google. The threat isn’t just theoretical. Whitehat hackers at Germany’s Security Research Labs developed eight apps—four Alexa “skills” and four Google Home “actions”—that all passed Amazon or Google security-vetting processes. The skills or actions posed as simple apps for checking horoscopes, with the exception of one, which masqueraded as a random-number generator. Behind the scenes, these “smart spies,” as the researchers call them, surreptitiously eavesdropped on users and phished for their passwords…”

Equifax used ‘admin’ as username and password for sensitive data: lawsuit

Yahoo Finance: “Equifax used the word “admin” as both password and username for a portal that contained sensitive information, according to a class action lawsuit filed in federal court in the Northern District of Georgia. The ongoing lawsuit, filed after the breach, went viral on Twitter Friday after Buzzfeed reporter Jane Lytvynenko came across the detail. “Equifax… Continue Reading

How Amazon.com moved into the business of U.S. elections

Reuters: “The expansion by Amazon Web Services into state and local elections has quietly gathered pace since the 2016 U.S. presidential vote. More than 40 states now use one or more of Amazon’s election offerings, according to a presentation given by an Amazon executive this year and seen by Reuters. So do America’s two main… Continue Reading

Germany’s cyber-security agency recommends Firefox as most secure browser

ZDNet – “Firefox is the only browser that received top marks in a recent audit carried out by Germany’s cyber-security agency — the German Federal Office for Information Security (or the Bundesamt für Sicherheit in der Informationstechnik — BSI). The BSI tested Mozilla Firefox 68 (ESR), Google Chrome 76, Microsoft Internet Explorer 11, and Microsoft Edge… Continue Reading

The Law & Politics of Cyberattack Attribution

Eichensehr, Kristen, The Law & Politics of Cyberattack Attribution (September 15, 2019). UCLA Law Review, Vol. 67, (2020, Forthcoming); UCLA School of Law, Public Law Research Paper No. 19-36. Available at SSRN: https://ssrn.com/abstract=3453804 “Attribution of cyberattacks requires identifying those responsible for bad acts, prominently including states, and accurate attribution is a crucial predicate in contexts… Continue Reading

What Your Personal Information is Worth to Cybercriminals

Bleeping Computer -“Cybercriminals have multiple markets to get illicit goods and prices on these underground forums are likely driven by supply and demand, just like in the legal economy. Offerings found on deep and dark web (DDW) markets include anything that can be monetized in one way or another. Common goods cover any financial information that… Continue Reading

Americans and Digital Knowledge

“A majority of U.S. adults can answer fewer than half the questions correctly on a digital knowledge quiz, and many struggle with certain cybersecurity and privacy questions. A new Pew Research Center survey finds that Americans’ understanding of technology-related issues varies greatly depending on the topic, term or concept. While a majority of U.S. adults… Continue Reading

New Cybersecurity and Privacy Law in NY Affects Employers in NY and Beyond

JDSupra – Pillsbury – “The SHIELD Act will impose substantial new obligations on any employer with an employee residing in New York State, as well as on many employers across the country that conduct online hiring. TAKEAWAYS Regardless of their location or size, employers that receive, collect or otherwise possess private information about New York… Continue Reading

Senate Intel Cmte Releases Bipartisan Report on Russia’s Use of Social Media

“Today, Senate Select Committee on Intelligence Chairman Richard Burr (R-NC) and Vice Chairman Mark Warner (D-VA) released a new report titled, “Russia’s Use of Social Media.” It is the second volume released in the Committee’s bipartisan investigation into Russia’s attempts to interfere with the 2016 U.S. election. The new report examines Russia’s efforts to use… Continue Reading

Report: Hackers use simple trick to target U.S. presidential campaign and government officials

Mashable: “Hacking email accounts doesn’t have to be a sophisticated affair.  We are reminded once again of this fact thanks to a report released Friday by the Microsoft Threat Intelligence Center detailing how a group of hackers targeted the email accounts of journalists, government officials, and the campaign of a U.S. presidential candidate. And here’s… Continue Reading

ABA Tech Report 2019

Tech Report 2019 – Cloud Computing – Law Technology Today: “…To keep it simple, the 2019 Legal Technology Survey has focused on the basic concept of a “web-based software service or solution,” including SaaS. In practical terms, you can understand cloud computing as software or services that can be accessed and used over the internet… Continue Reading

Google’s New Password Security Tool Flags Compromised Websites

Fortune: “A big problem with passwords is that people use the same one over and over. This means that hackers who steal a password for one website—like for a hotel reward program—can often use it in many other places—such as to unlock their bank account. As a result, compromised passwords can turn into a skeleton… Continue Reading