Archive

Monthly Archives: November 2012

  • arXiv [preprints – full text]:
  • Bately, A. (2012, Nov. 27). The Spies Behind Your Screen: Hacking Team, International Law and the New Cyber Arms Race. Telegraph. [Read]
  • Gallagher, S. (2012, Nov. 28). Pro-Iranian Hackers Stole Data from UN Atomic Energy Agency’s Server. Ars Technica. [Read]
  • IEEE Security & Privacy – preprints [full text]:
  • Information Management & Computer Security – new issue [full text]:
  • International Journal of Critical Infrastructure Protection – new issue [full text]:
  • Journal of Computer Security – new issue [abstracts / request]:
  • Julian Assange on WikiLeaks, Bradley Manning, Cypherpunks, Surveillance State. Democracy Now. [Watch]
  • Krebs, B. (2012, Nov. 27). Java Zero-Day Exploit on Sale for ‘Five Digits’. Krebs on Security. [Read]
  • Lim, D. (2012, Nov. 28). Pentagon Exempts Cyber Weapons from Collateral Damage Directive. Nextgov. [Read]
  • Nakashima, E. (2012, Nov. 22). As Cyberwarfare Heats Up, Allies Turn to U.S. Companies for Expertise. Washington Post. [Read / Also: Do Not Track Losing Momentum]
  • National Research Council. (2012, Nov. 28). Monitoring Progress Toward Successful K-12 STEM Education: A Nation Advancing? [Read]
  • Schneier, B. (2012, Nov. 26). When It Comes to Security, We’re Back to Feudalism. Wired. [Read]
  • United States. Executive Office of the President. (2012, Nov. 21). Presidential Memorandum — National Insider Threat Policy and Minimum Standards for Executive Branch Insider Threat Programs. [Read]
  • Van Hoboken, J., Arnbak, A., & Van Eijk, N. (2012, Nov. 27). Cloud Computing in Higher Education and Research Institutions and the USA Patriot Act [preprint]. [Read]
  • Zu, Z., & Cao, G. (2012). Toward Privacy Preserving and Collusion Resistance in a Location Proof Updating System. IEEE Transactions on Mobile Computing. [Read]

Proceedings

  • 6th International Conference on Network and System Security (2012, Nov. 21-23) – papers presented [abstracts / request]:
  • 31st Annual International Conference on the Theory and Applications of Cryptographic Techniques (2012, April 15-19) – papers presented [abstracts / request]:

[next update 11/30/12]

  • Abeyratne, R. (2012). The ePassport — new technology to counter security threats. Journal of Transportation Security. [abstract / request]
  • Computer Fraud & Security – new issue [full text]:
  • Constantin, L. (2012, Nov. 18). Security team finds malware that hijacks USB smart cards. PCWorld. [Read]
  • Damopoulos, D., Kambourakis, G., & Gritzalis, S. (2012). From keyloggers to touchloggers: Taking the rough with the smooth. Computers & Security. [Read]
  • European Network and Information Security Agency. (2012, Nov. 20). The right to be forgotten – between expectations and practice. [Read]
  • IEEE Transactions on Information Forensics & Security – new issue [abstracts / request]:
  • Lin, J., Liu, P., Jing, J., & Wang, Q. (2012). Impossibility of finding any third family of server protocols integrating Byzantine quorum systems with threshold signature schemes. Security and Communication Networks. [abstract / request]
  • McCullagh, D. (2012, Nov. 20). Senate bill rewrite lets feds read your email without warrants. CNet. [Read]
  • McGuire, P. (2012, Nov. 19). The Gaza Strip cyberwar. Vice. [Read]
  • Merlo, A. (2012). Secure cooperative access control on grid [Future Generation Computer Systems preprint]. [Read]
  • Miller, G., & Nakashima, E. (2012, Nov. 17). FBI investigation of Broadwell reveals bureau’s comprehensive access to electronic communications. Washington Post. [Read]
  • Simonite, T. (2012, Nov. 19). Jail looms for man who revealed AT&T leaked iPad user emails. MIT Technology Review. [Read]
  • Syed, R. H., Syrame, M., & Bourgeois, J. (2012). Protecting grids from cross-domain attacks using security alert sharing mechanisms [Future Generation Computer Systems preprint]. [Read]
  • United Kingdom. Information Commissioner’s Office. Anonymisation: Managing data protection risk code of practice. [Read / Summary]
  • Zhang, M., Yang, B., Chen, Z., & Takagi, T. (2012). Efficient and adaptively secure broadcast encryption systems. Security and Communication Networks. [abstract / request]

Proceedings

  • 7th International Conference on Legal, Security and Privacy Issues in IT Law (2012, Oct. 2-4) – papers presented [full text]:
  • 13th International Workshop on Information Security Applications (2012, Aug. 16-18) – papers presented [abstracts / request]:

Calls for Papers

Conferences

  • arXiv [preprints]:
  • Boneh, D. (2012, Nov.). Cryptography I [Stanford University online course, free via Coursera]. [More]
  • Cheng, J., & Man, J. (2012, Nov. 9). HKEx hacker jailed for nine months. South China Morning Post. [Read]
  • European Network and Information Security Agency. (2012, Nov. 15). Supply chain integrity – An overview of the ICT supply chain risks and challenges, and vision for the way forward. [Read / Also: Privacy implications of behavioural tracking]
  • Fagerland, S. (2012, Nov.). Systematic cyber attacks against Israel, Palestine going on for a year [Norman AS]. [Download / Summary]
  • Greenwald, G. (2012, Nov. 13). FBI’s abuse of the surveillance state is the real scandal needing investigation. Guardian. [Read]
  • Hulme, G. V. (2012, Nov. 14). Enterprises can obtain value from red teaming exercises, expert says. SearchSecurity. [Read]
  • Keefe, P. R. (2012, Nov. 13). The surveillance state takes friendly fire. New Yorker. [Read]
  • Koppell, R. (2012, Oct.). Human creativity: Workarounds as enablers and inhibitors of security. Presentation at 2012 ISSA International Conference. [Watch]
  • Kravets, D. (2012, Nov. 13). Post-Petraeus scandal Google releases stats showing uptick in gov requests for data. Wired. [Read]
  • National Research Council. (2012, Nov. 14). Terrorism and the electrical power delivery system. [Read / Summary]
  • Quinn, M., & Byers, A. (2012, Nov. 14). 5 Gmail lessons from the Petraeus affair. Politico. [Read]
  • Rashid, F. Y. (2012, Nov. 13). UAE toughens penalties for cyber crimes. Securityweek. [Read]
  • Schulz, M. (2012, Nov. 13). Michigan’s [Mike] Rogers emerges as potential new CIA leader. Detroit News. [Read / CISPA co-author]
  • Soghoian, C. (2012, Nov. 15). The growing trade in software security exploits [talk at Princeton Center for Information Technology Policy]. [Watch]
  • Staff of European Commissioner for the Digital Agenda hacked. (2012, Nov. 14). Infosecurity. [Read]
  • Storm, D. (2012, Nov. 13). FBI facial recognition? There’s an app for that. Computerworld. [Read]
  • U.S.-China Economic Security and Review Commission. (2012, Nov.). 2012 report to Congress. [Read]
  • Weinstein, A., & Follman, M. (2012, Nov. 12). The David Petraeus scandal explained. Mother Jones. [Read / detailed summary w/many links + ongoing updates]
  • Zumerle, D. (2012, Nov. 14). Three crucial security hurdles to overcome when shifting from enterprise-owned devices to BYOD. [Gartner]. [Gartner – full text / search for title in box at upper right].

  • Agence France-Presse. (2012, Nov. 8). Assange: Obama a ‘wolf in sheep’s clothing’. [Read]
  • arXiv [preprints]:
  • Communications of the ACM – new issue [selected, full text]:
  • Cook, R. (2012, Nov. 8). Cleaning out the turkey coop: What to do after you get rid of an incompetent employee [HP]. [Read]
  • Delibasis, D. (2012). The cyber-battlefields of the 21st century and the need for a ‘new paradigm’ [preprint]. [Read]
  • Fisher, D., & Soghoian, C. (2012, Nov. 8). Chris Soghoian on exploit sales. threatpost. [Listen]
  • Goodin, D. (2012, Nov. 8). Mushrooming ransomware now extorts $5 million a year. Ars Technica. [Read]
  • Greenberg, A. (2012, Nov. 6). Despite security fixes, new cracks appear in New Jersey’s last minute email voting scheme. Forbes. [Read]
  • Grossman, J. (2012, Nov. 6). The web won’t be safe or secure until we break it. ACM Queue. [Read]
  • [LARGO AREA EVENT] Activism and hacker culture (roundtable with Hans Bernhard, Steven Kurtz, Frank Rieger, & Mark Tribe). (2012, Nov. 14, 12-2 pm). Goethe-Institut, 812 7th St., NW, DC. [More]
  • King, R. (2012, Nov. 8). Stuxnet infected Chevron’s IT network. Wall Street Journal. [Read]
  • Krebs, B. (2012, Nov. 7). Experts warn of zero-day exploit for Adobe Reader. Krebs on Security. [Read]
  • Ormandy, T. (2012, Nov.). Sophail: Applied attacks against Sophos Antivirus [Research at Google]. [Read]
  • Reporters Without Borders. (2012, Nov. 6). Position paper on the export of European surveillance technology. [Read]
  • Rouf, I., Mustafa, H., Xu, M., Xu, W., Miller, R., & Gruteser, M. (2012, Oct. – now freely available). Neighborhood watch: Security and privacy analysis of automatic meter reading systems. Paper presented at the 19th ACM Conference on Computer and Communications Security. [Read]
  • Trautman, L. J. (2012). Threats escalate: Corporate information technology governance under fire [preprint]. [Read]
  • UMUC. (2012, Nov. 2). UMUC cyber team earns silver in global competition. [Read]
  • Westervelt, R. (2012, Nov. 8). Huawei security chief says vendor supports U.S. cyberespionage defense. SearchSecurity. [Read / Also: Windows 8 patch coming soon]
  • Winterford, B. (2012, Nov. 9). [Australian] telcos declare SMS ‘unsafe’ for bank transactions. itnews. [Read]
  • Yang, H., Zhang, Y., Hu, Y., & Liu, Q. (2012). IKE vulnerability discovery based on fuzzing. Security & Communication Networks [preprint]. [Abstract / Request]
  • Zhang, Y., Reiter, M., Juels, A., & Ristenpart, T. (2012, Oct. – now freely available). Cross-VM side channels and their use to extract private keys. Paper presented at the 19th ACM Conference on Computer and Communications Security. [Read]

Calls for Papers

Conferences

  • arXiv [preprints – selected new articles]:
  • Benson, P. (2012, Oct. 30). Intelligence budget continues to drop. CNN. [Read]
  • European Network and Information Security Agency. (2012, Oct. 29). Inventory of CERT activities in Europe. [Read]
  • Gallagher, R. (2012, Oct. 31). Germany discloses most of the spy tools it’s using – and other countries should, too. Slate. [Read]
  • Gantz, S. (2012, Nov. 2). Cyber security firms looking for students who pass government security clearances. Baltimore Business Journal. [Preview / Request]
  • Goncharov, M. (2012, Oct.). Russian underground 101 [Trend Micro]. [Read]
  • Government hackers develop Windows 8 exploit – already. (2012, Oct. 31). Infosecurity. [Read]
  • Journal of Information Security – new issue [full text]:
  • Kaspersky Labs. (2012, Nov. 1). IT threat evolution: Q3 2012. Securelist. [Read]
  • McCullagh, D. (2012, Nov. 2). Judge prods FBI over future internet surveillance plans. CNET. [Read]
  • Morrow, T., Seacord, R. C., Bergey, J. K., & Miller, P. (2012, Oct.). Supporting the use of CERT secure coding standards in DoD acquisitions [Carnegie Mellon Software Engineering Institute]. [Read]
  • Police need new internet surveillance tools, chiefs say [RE: Canadian Bill C-30]. (2012, Oct. 26). CBC News. [Read]
  • Serwer, A. (2012, Oct. 30). The government secretly spied on you? Prove it! Mother Jones. [Read]
  • Stoichev, K. (2012). Conditions for increasing the viability of critical infrastructure objects. Journal of Applied Security Research. [Abstract / Request]
  • United States. National Institute of Standards and Technology. (2012, Oct.). Conducting information security-related risk assessments: Updated guidelines for comprehensive risk management programs. [Read]
  • United States. Supreme Court. (2012, Oct. 2). [Transcript of oral argument in Clapper v. NSA RE: FISA amendments reauthorization]. [Read]