Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: Cybercrime

The Register – Equifax reveals full horror of that monstrous cyber-heist of its servers

Equifax reveals full horror of that monstrous cyber-heist of its servers – 146 million people, 99 million addresses, 209,000 payment cards, 38,000 drivers’ licenses and 3,200 passports – “Equifax has published yet more details on the personal records and sensitive information stolen by miscreants after they hacked its databases in 2017. The good news: the… Continue Reading

New on LLRX – Pete Recommends – weekly highlights on cyber security issues – May 6 2018

Via LLRX – Pete Recommends – weekly highlights on cyber security issues – May 6 2018: Privacy and security issues impact every aspect of our lives – home, work, travel, education, health/medical, to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the increasingly complex and wide… Continue Reading

Encryption Policy And Its International Impacts: A Framework For Understanding Extraterritorial Ripple Effects

Encryption Policy And Its International Impacts: A Framework For Understanding Extraterritorial Ripple Effects by Ryan Budish, Herbert Burkert, Urs Gasser. March 2, 2018. “This paper explores the potential international ripple effects that can occur following changes to domestic encryption policies. Whether these changes take the form of a single coherent national policy or a collection… Continue Reading

Government Leads Major Industries In Email Security

NextGov: “The federal government is now using anti-phishing security on its emails at a higher rate than any major industry sector, according to a report released Thursday. The study from the email security firm ValiMail comes roughly six months after the Homeland Security Department mandated the email security tool called DMARC for all federal agencies.… Continue Reading

Supply Chain Vulnerabilities from China in US Federal Information and Communications Technology

Supply Chain Vulnerabilities from China in U.S. Federal Information and Communications Technology, April 2018. This research report was prepared at the request of the U.S.-China Economic and Security Review Commission to support its deliberations. “The U.S. government needs a national strategy for supply chain risk management (SCRM) of commercial supply chain vulnerabilities in U.S. federal… Continue Reading

NIST – Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems

“This publication is intended to be used in conjunction with NIST Special Publication 800-160 Volume 1, Systems Security Engineering – Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems. It can be viewed as a handbook for achieving the identified cyber resiliency outcomes based on a systems engineering perspective on system life… Continue Reading

The dots in your email address do matter: how to scam a Gmail user

James Fisher: “I recently received an email from Netflix which nearly caused me to add my card details to someone else’s Netflix account. Here I show that this is a new kind of phishing scam which is enabled by an obscure feature of Gmail called “the dots don’t matter”. I then argue that the dots… Continue Reading

Chrome Cleanup Tool on Windows PCs is scanning for malware

Motherboard: “As the head of Google Chrome security Justin Schuh explained on Twitter, the [Chrome Cleanup Tool’s] “sole purpose is to detect and remove unwanted software manipulating Chrome.” Moreover, he added, the tool only runs weekly, it only has normal user privileges (meaning it can’t go too deep into the system), is “sandboxed” (meaning its… Continue Reading

Zuckerberg apologizes, defers to audit outcome, accepts possible misuse by Russians while whistleblower details data gathering

Follow up to previous postings this week – Facebook, Cambridge Analytica, the 2016 Election, and a colossal misappropriation of social media data – Implications of Cambridge Analytica scandal widen in scope as do responses – updated – and NYT, Guardian – How Trump Consultants Exploited the Facebook Data of Millions – tonight Axios highlights the… Continue Reading

Paper – Law, Metaphor, and the Encrypted Machine

Gill, Lex, Law, Metaphor, and the Encrypted Machine (March 12, 2018). Osgoode Legal Studies Research Paper No. 72, Volume 13, Issue 16, 2018. Available at SSRN: https://ssrn.com/abstract=3138684 “The metaphors we use to imagine, describe and regulate new technologies have profound legal implications. This paper offers a critical examination of the metaphors we choose to describe… Continue Reading

Cyberattacks Put Russian Fingers on the Switch at Power Plant

“New computer screenshots released by the Department of Homeland Security on Thursday made clear that Russian state hackers had the foothold they would have needed to manipulate or shut down power plants.” Nicole Perlroth and David Sanger in the NYT: Cyberattacks Put Russian Fingers on the Switch at Power Plants. “The Trump administration accused Russia… Continue Reading

IG Audit finds continued flaws in OPM security of federal employee data

NextGov: “The Office of Personnel Management inspector general again found flaws in the agency’s contracting for the credit monitoring and ID theft services it provides to the more than 21.5 million current, former and prospective federal employees affected by the 2015 data breaches. OPM has gone through two different contracts for post-breach protections. The IG… Continue Reading