Accurate, Focused Research on Law, Technology and Knowledge Discovery With Daily Postings Since 2002
DHS: “The Internet is part of everyone’s life, every day. We use the Internet at work, home, for enjoyment, and to connect with those close to us. However, being constantly connected brings increased risk of theft, fraud, and abuse. No country, industry, community, or individual is immune to cyber risks. As a nation, we face constant …
New York Times: “The breach is among the largest corporate hacks, and the latest revelations vastly dwarf earlier estimates that hackers had gained access to roughly 1 million customer accounts.”
“US-CERT is aware of a Bash vulnerability affecting Unix-based operating systems such as Linux and Mac OS X. Exploitation of this vulnerability may allow a remote attacker to execute arbitrary code on an affected system. The flaw was originally assigned CVE-2014-6271, but it was later discovered that the patch had an issue in the parser and did …
“This report is submitted by the Program Manager for the Information Sharing Environment (PM-ISE) on behalf of the President, as required by Section 1016 (h) (2) of the Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004, as amended. Accompanying, but distinct from this report, are substantial performance data and links to best practices, lessons learned, …
“The second Global Privacy Enforcement Network (GPEN) Privacy Sweep demonstrates the ongoing commitment of privacy enforcement authorities to work together to promote privacy protection around the world. Some 26 privacy enforcement authorities in 19 countries participated in the 2014 Sweep, which took place May 12-18. Over the course of the week, participants downloaded 1,211 popular mobile apps …
CRITICAL INFRASTRUCTURE PROTECTION: DHS Action Needed to Enhance Integration and Coordination of Vulnerability Assessment Efforts, GAO-14-507: Published: Sep 15, 2014. Publicly Released: Sep 15, 2014: “DHS is not positioned to manage an integrated and coordinated government-wide approach for assessments as called for in the NIPP because it does not have sufficient information about the assessment tools and …
“Cyberattacks targeting financial services firms are on the rise, but are these organizations doing enough to protect business and customer data? According to a Kaspersky Lab and B2B International survey of worldwide IT professionals, 93% of financial services organizations experienced various cyberthreats in the past 12 months. And while cyber-attacks targeting financial services firms are on the rise, nearly one …
“Welcome to the DARPA Open Catalog, which contains a curated list of DARPA-sponsored software and peer-reviewed publications. DARPA sponsors fundamental and applied research in a variety of areas including data science, cyber, anomaly detection, etc., that may lead to experimental results and reusable technology designed to benefit multiple government domains. The DARPA Open Catalog organizes publicly …
News release: “Throughout the world, companies are finding that data breaches have become as common as a cold but far more expensive to treat. With the exception of Germany, companies had to spend more on their investigations, notification and response when their sensitive and confidential information was lost or stolen. As revealed in the 2014 …
Bloomberg: “Russian hackers attacked the U.S. financial system in mid-August, infiltrating and stealing data from JPMorgan Chase & Co. (JPM) and at least one other bank, an incident the FBI is investigating as a possible retaliation for government-sponsored sanctions, according to two people familiar with the probe. The attack resulted in the loss of gigabytes of sensitive data, …
Get a closer look at Heartbleed—from the latest attack activity to mitigation strategies – using 2014 mid-year data and ongoing research. IBM, August 2014. “Welcome to the latest quarterly report from the IBM® X-Force® research and development team. In this report, we’ll look at how the Heartbleed vulnerability—CVE-2014-0160, disclosed in April 2014—impacted organizations around the world. …
ProPublica: The un-vetted computer engineer plugged into law enforcement networks and a database of 5 million Arizona drivers in a possible breach that was kept secret for years. by Ryan Gabrielson, ProPublica and Andrew Becker, Center for Investigative Reporting, August 26, 2014. “LIZHONG FAN’S DESK WAS AMONG A CROWD of cubicles at the Arizona Counter Terrorism Information …
