Archive

Monthly Archives: August 2012

  • Doyle, C. (2012, August 28). Stealing trade secrets and economic espionage: An overview of 18 U.S.C. 1831 and 1832 [Congressional Research Service]. [Read]
  • Fineran, D., & Bakr, A. (2012, August 26). Saudi Aramco says most damage from computer attack fixed. Reuters. [Read]
  • Gilad, Y., & Herzberg, A. (2012, August). Off-path attacking the web. Paper presented at the 6th USENIX Workshop on Offensive Technologies. [Read]
  • Heninger, N., Durumeric, Z., Wustrow, E., & Halderman, J. A. (2012, August). Mining your Ps and Qs: Detection of widespread weak keys in network devices.  Paper presented at the 21st USENIX Security Forum. [Read]
  • Mills, E. (2012, August 31). A who’s who of Mideast targeted malware. CNet. [Read]
  • Mulliner, C., &  Michéle, B. (2012, August). Read it twice! A mass-storage based TOCTTOU attack. Paper presented at the 6th USENIX Workshop on Offensive Technologies. [Read]
  • Perlroth, N. (2012, August 31). Software meant to fight crime is used to spy on dissidents. New York Times. [Read]
  • Pérez-Méndez, A., Pereñíguez-García, F., Marín-López, R., & and López-Millán, G. (2012). A cross-layer SSO solution for federating access to kerberized services in the eduroam/DAMe network. International Journal of Information Security. [Abstract / Request]
  • Ragan, S. (2012, August 30). Toyota says fired contractor sabotaged supplier network and stole sensitive data. SecurityWeek . [Read]
  • Schneier, B. (2012, August 28). The importance of security engineering. Schneier on Security. [Read]
  • 2nd International Conference on Cryptology and Information Security in Latin America. (2012, October 7-10) – papers to be presented [Abstracts / Request]:
  • 6th International Conference on Provable Security. (2012, September 26-28) – papers to be presented [Abstracts / Request]:
  • Symantec. (2012, August 30). Java zero-day used in targeted attack campaign. [Read]
  • Tuttle, R. (2012, August 30). Virus shuts RasGas office computers, LNG output unaffected. Bloomberg News. [Read]
  • United States. Federal Energy Regulatory Commission. (2012, August 31). Order requiring reporting on North American Energy Standards Board public key infrastructure standards. [Read / Analysis]
  • United States. Information Sharing Environment. (2012, August 30). Annual report to the Congress. [Read]
  • Warren, P. (2012, August 30). State-sponsored cyber espionage projects now prevalent, say experts. Guardian. [Read]
  • Weinmann, R. (2012, August). Baseband attacks: Remote exploitation of memory corruptions in cellular protocol stacks. Paper presented at the 6th USENIX Workshop on Offensive Technologies. [Read]
  • Whisnant. A., & Faber, S. (2012, August). Network profile using flow [Carnegie Mellon Software Engineering Institute]. [Read]
  • Zetter, K. (2012, August 29). Wiper malware that hit Iran left possible clues of its origins. Wired. [Read]

Articles not available in full text can be requested at no cost via DocumentExpress.

  • Cryptology EPrint Archive – new items [Full Text]:
  • Gallagher, R. (2012, August 20). How government grade-spytech used a fake scandal to dupe journalists. Slate. [Read]
  • Goodin, D. (2012, August 20). Why passwords have never been weaker and crackers have never been stronger. Ars Technica. [Read]
  • Information Security Journal – new articles [Abstracts / Request]:
  • Kravets, D. (2012, August 22). Landmark California location-privacy bill nears governor’s desk . Wired. [Read]
  • Network Security – new articles [Full Text]:
  • 9th International Conference on Trust, Privacy and Security in Digital Business. (2012, September 3-7) – papers to be presented [Abstracts / Request]:
  • 9th VLBD Workshop. (2012, August 27) – papers to be presented [Abstracts / Request]:
  • Perlroth, N. (2012, August 23). Hackers lay claim to Saudi Aramco attack. New York Times. [Read]
  • Poitras, L. (2012, August 22). The program [profile of NSA whistleblower / anti-surveillance activist William Binney]. New York Times. [Read]
  • 17th European Symposium on Research in Computer Security (2012, September 10-12) – papers to be presented [Abstracts / Request]:
  • United States. Congressional Research Service. (2012, August 16). Pipeline cybersecurity. [Read]
  • United States. Department of Homeland Security. (2012, August 21). Key management errors in Ruggedcom’s Rugged operating system. [Read]
  • United States. Government Accountability Office. (2012, July 19). Environmental Protection Agency needs to resolve weaknesses. [Read]
  • United States. National Institute of Standards and Technology.  (2012, August 23). The role of the National Institute of Standards and Technology in mobile security. [Read]
  • Viswanath, B., Kiciman, E., & Saroiu, S. (2012, August 17). Keeping information safe from social networking apps [Microsoft Research]. [Read]

Calls for Papers

Conferences

  • AT&T DDoS’d by unknown attackers. (2012, August 17). Infosecurity. [Read]
  • Goodin, D. (2012 August 16). Mystery malware wreaks havoc on energy sector computers. Ars Technica. [Read]
  • Journal of Conflict and Security Law – issue on cyberwarfare [Abstracts / Request]:
  • Kaspersky Lab. (2012, August 14). The mystery of the encrypted Gauss payload. Securelist. [Read]
  • Kerr, D. (2012, August 15). Syrian dissidents besieged by malware attacks. CNET. [Read]
  • Kravets, D. (2012, August 14). Appeals court OKs warrantless, real-time mobile phone tracking. Wired. [Read]
  • Mackinnon, R. (2012). Consent of the networked: The worldwide struggle for internet freedom [ebook – Read]
  • Pauli, D. (2012, August 16). Half a million credit cards stolen from Aussie businesses. CRN. [Read]
  • Perlroth, N. (2012, August 13). Elusive FinSpy spyware pops up in ten countries. New York Times. [Read]
  • Schactman, N. (2012, August 14). TrapWire: It’s not the surveillance, it’s the sleaze. Wired. [Read]
  • Security and Communications Networks – new articles [Abstracts / Request]:
  • Syal, R., Davies, L., & Caselli, I. (2012, August 16). Julian Assange asylum offer leads Ecuador and UK into diplomatic row. Guardian. [Read]
  • 32nd Annual Cryptology Conference (2012, August 19-23) – papers to be presented [Abstracts / Request]:
  • United States. National Institute of Standards and Technology. (2012, August). Security of Bluetooth systems and devices. [Read]

Calls for Papers

Conferences

Journals

  • Braun, J., Buchmann, J., Mullan, C., & Wiesmaier, A. (2012, August 9). Long term confidentiality: A survey [preprint]. [Read – one of many new articles posted this week in the Cryptology ePrint Archive].
  • Brook, C. (2012, August 9). Report: Stealthy new banking malware Tilon emergest. threatpost. [Read]
  • Cummings, A., Lewellen, T., McIntire, D, Moore, A., & Trzeciak, R. (2012). Insider threat study: Illicit cyber activity involving fraud in the U.S. financial sector [Carnegie Mellon Software Engineering Institute]. [Read]
  • Giuliani, G., & Sharf, E. (2012, August 8). Nepalese government websites compromised to serve Zegost RAT. websense. [Read]
  • Jianway, Z., Liang, G., & Haixin, D. (2012, July). Investigating China’s underground online economy [University of California Institute on Global Conflict and Collaboration]. [Read]
  • Kaspersky Lab. (2012, August 9). Gauss: Nation-state cyber-surveillance meets banking trojan. Securelist. [Read – more on Gauss from Kaspersky]
  • Kravets, D. (2012, August 7). Appeals court OKs warrantless wiretapping. Wired. [Read]
  • Krebs, B. (2012, August 7). How to break into security, Miller edition. [Advice from Charlie Miller on how to become a computer security professional]. Krebs on Security. [Read]
  • Muñoz, C. (2012, August 8). White House considers executive action to address cybersecurity. The Hill. [Read]
  • Perlroth, N., & Rusli, E. M. (2012, August 5). Computer security start-ups catch fancy of investors. New York Times. [Read]
  • 2nd USENIX Workshop on Free and Open Communications on the Internet (August 6, 2012). [Full text of selected papers]:
  • Sorber, J., Shin, M., Peterson, R., Cornelius, C., Mare, S., Prasad, A. . . . Kotz, D. (2012). An Amulet for trustworthy wearable mhealth [preprint]. [Read]
  • Tait, R. (2012, August 5). Iranian state goes offline to dodge cyber-attacks. Telegraph. [Read]
  • United States. National Institute of Standards and Technology. (2012, August 8). Computer security incident handling guide (SP 800-61, revision 2). [Read]

Calls for Papers

Conferences

Journals