Archive

Monthly Archives: January 2013

  • arXiv [preprints – full text]:
  • Campbell, J. (2013, Jan. 24). LAPD Spied on 21 Using StingRay Anti-Terrorism Tool. LA Weekly. [Read]
  • Gallagher, R. (2013, Jan. 24). Letter to Skype: Come Clean on Your Eavesdropping Capabilities and Policies. Slate. [Read]
  • [Gartner – full text / link to database + search for title in box at upper right]]:
    • Creating a Security Process Catalog
    • Formalizing Security Processes
    • Security Governance, Management and Operations Are Not the Same
    • The Security Processes You Must Get Right
  • Google. (2013, Jan. 23). Transparency Report: What it Takes for Governments to Access Personal Information. [Read]
  • McMillan, R. (2013, Jan. 18). Google Declares War on the Password. Wired. [Read]
  • Rao, A., Jha, B., & Kini, G. (2013). Effect of Grammar on Security of Long Passwords [preprint]. [Read – download via Carnegie Mellon]
  • Security & Communication Networks – new issue [full text]:
  • Sood, A. K., & Enbody, R. J. (2013). Crimeware-as-a-service – A Survey of Commoditized Crimeware in the Underground Market [preprint]. International Journal of Critical Infrastructure Protection. [Read]

Calls for Papers

Conferences

  • Held in conjunction with the the 8th ACM Symposium on Information, Computer and Communications Security [all May 7, 2013, with submissions due Feb. 1]:
Advertisements
    • arXiv [preprints – full text]:
    • Blaze, M., & Landau, S. (2013, Jan. 14). The FBI Needs Hackers, Not Backdoors. Wired. [Read]
    • Christin, D., López, P., Reinhardt, A., Hollic, M., & Kauer, M. (2013). Share with Strangers: Privacy Bubbles as User-centered Privacy Control for Mobile Content Sharing Applications. Information Security Technical Report. [Read]
    • Constantin, L. (2013, Jan. 17). Shylock Home Banking Malware Now Spreads via Skype, Researchers Say. Computerworld. [Read]
    • Crump, C. (2013, Jan. 16). Justice Department Refuses to Release GPS Tracking Memos [ACLU]. [Read]
    • Fox IT Security. (2013, Jan. 13). Demystifying Pobelka: A Technical Intelligence Report on the Pobelka Botnet Operation. [Read / Summary]
    • Goodin, D. (2013, Jan. 16). $5,000 Will Buy You Access to Another, New Critical Java Vulnerability. Ars Technica. [Read]
    • Granick, J. (2013, Jan. 14). Towards Learning from Losing Aaron Swartz [Stanford Law School]. [Read: Pt. 1, Pt. 2]
    • Heib, J. L., Schreiver, J., & Graham, J. H. (2013). A Security-Hardened Appliance for Implementing Authentication and Access Control in SCADA Infrastructures with Legacy Field Devices [preprint]. International Journal of Critical Infrastructure Protection. [Read]
    • Higgins, K. J. (2013, Jan. 13). The SCADA Patch Problem. Security Dark Reading. [Read]
    • Higgins, P., & Timm, T. (2013, Jan. 17). What the FBI Doesn’t Want You To Know About Its “Secret” Surveillance Techniques [Electronic Frontier Foundation]. [Read]
    • International Journal of Information Security – preprints [Abstracts / Request]:
    • Kaspersky Lab. (2013, Jan. 14). “Red October” Diplomatic Cyber Attacks Investigation. securelist. [Read]
    • Krebs, B. (2013, Jan. 13). Spam Volumes: Past & Present, Global & Local. Krebs on Security. [Read]
    • Marquis-Boire, M. et al. (2013, Jan. 15). Planet Blue Coat: Mapping Global Censorship and Surveillance Tools [University of Toronto]. [Read]
    • Pauli. D. (2013, Jan. 17). [DHS Intervenes After Medical Device Hack.] SC Magazine. [Read]
    • Proctor, P. E. (2013, Jan. 17). Reset a Security Program That Does Not Work.  [Gartner – full text / search for title in box at upper right]
    • Robertson, J. (2013, Jan. 11). A National Digital ID, Courtesy of the U.S. Postal Service? Bloomberg. [Read]
    • arXiv [preprints – full text]:
    • Bailey, B. (2013, Jan. 10). California AG has Privacy Recommendations for Mobile Industry. San Jose Mercury News. [Read / California AG report]
    • European Network and Information Security Agency. (2012, Jan. 8). ENISA Threat Landscape. [Read  / “An overview of threats, together with current and emerging trends.”]
    • Brewster, T. (2013, Jan. 10). Nokia Admits Decrypting User Data But Denies Man-in-the-Middle Attacks.  TechWeek Europe. [Read]
    • Guitton, C. (2013). Cyber Insecurity as a National Threat: Overreaction from Germany, France and the UK? European Security. [Abstract / Request]
    • Lights Out For Java: Experts Say Turn It Off – And Leave It Off. Security Ledger. [Read]
    • Martinez, J. (2013, Jan. 9). Business Leaders Press for Better Information-sharing About Cyber Threats.  The Hill. [Read]
    • O’Brien, D. (2013, Jan. 9). Yahoo HTTPS Mail Not a Moment Too Soon, Nor Too Late [Committee to Protect Journalists]. [Read]
    • Park, S., Aslam, B., Turgut, D., & Zou, A. (2013). Defense Against Sybil Attack in the Initial Deployment Stage of Vehicular Ad Hoc Network Based on Roadside Unit Support. Security & Communication Networks [preprint]. [Abstract / Request]
    • Pauli, D. (2013, Jan. 9). Linguistics Identifies Anonymous Users. SC Magazine. [Read]
    • Perlroth, N., & Hardy, Q. (2013, Jan. 8). Bank Hacks Were Work of Iranians, Officials Say. New York Times. [Read]
    • Power, R. (2013, Jan. 10). While the Cyber War Tail Wags the National Security Dog, Software Security Offers a Different Path to Cyber Peace. Computerworld. [Read]
    • Soghoian, C. (2012, Jan. 8). US Surveillance Law May Poorly Protect New Text Message Services [ACLU]. [Read]
    • United Kingdom. Parliament.  Defence Committee. (2012, Dec.) Defence and Cyber-Security. [Read]
    • United States. Department of Homeland Security. Industrial Control Systems Cyber Emergency Response Team. (2012, Oct.-Dec.). ICS-CERT Monthly Monitor. [Read – Malware, many vulnerable systems easily identified with Shodan search engine]
    • Yue, C. (2012, Dec.) Preventing the Revealing of Online Passwords to Inappropriate Websites with LoginInspector. Paper presented at the 26th Large Installation System Administration Conference. [Read]
  • Aftergood, S. (2013, Jan. 2). Intelligence Oversight Steps Back From Public Accountability [Federation of American Scientists]. [Read]
  • arXiv [preprints – full text]:
  • Bowes, R. (2013, Jan. 3). Padding Oracle Attacks: In Depth. SkullSecurity. [Read]
  • Burts, B. (2012, Jan. 4). How a Regular IT Guy Helped Catch a Botnet Cybercriminal. Naked Security. [Read]
  • Clayton, M. (2013, Jan. 3). Secret US Cybersecurity Program to Protect Power Grid Confirmed. Christian Science Monitor. [Read]
  • Gallagher, S. (2013, Jan. 4). Security Pros Predict “Major” Cyber Terror Attack This Year. Ars Technica. [Read]
  • Gjelten, T. (2013, Jan. / Feb.). First Strike: US Cyber Warriors Seize the Offensive. World Affairs. [Read]
  • IEEE Transactions on Information Forensics & Security – new issue [Abstracts / Request]:
  • IEEE Transactions on Mobile Computing – selected new articles [full text]:
  • [India’s] Army Chief Issues Orders for Checking Cyber Invasion. (2012, Dec. 31). Business Standard. [Read]
  • Krebs, B. (2013, Jan. 13). Turkish Registrar Enabled Phishers to Spoof Google. Krebs on Security. [Read]
  • Litian, A., Nicolett, M., & Schulte, W. R. (2012, Dec. 28).  Innovation Insight: Innovation Drives Seven Dimensions of Context-Aware Enterprise Security Systems [Gartner]. [Gartner – full text / search for title in box at upper right]
  • Nakashima, E. (2013, Jan. 2). To Thwart Hackers, Firms Salting Their Servers With Fake Data. Washington Post. [Read]
  • Perlroth, N. (2012, Dec. 31). Outmaneuvered at Their Own Game, Antivirus Makers Struggle to Adapt. New York Times. [Read]
  • Roberts, P. F. (2012, Dec. 27). Mr. Mitnick, I Presume? Africa’s Coming Cyber Crime Epidemic. IT World. [Read]
  • Rottman, G. (2012, Dec. 21). Open Source Intelligence and Crime Prevention [ACLU]. [Read]
  • Sternstein, A. (2013, Jan. 3). DHS to Pick Up $6 billion Tab for Cyber Surveillance Systems at Every Department.  Nextgov. [Read]
  • Verma, P. (2012). The Role of the Network in Implementing Security and Privacy. International Journal of Critical Infrastructure Protection. [Read]
  • Walls, A. (2012, Dec. 28). Short, Focused and Just-in-Time Approaches to Security Awareness. [Gartner]. [Gartner – full text / search for title in box at upper right].

Calls for Papers

Conferences