News
[ISN] InfoSec News Mailing List
  • Advance Announcement: 2011 ACM Cloud Computing Security Workshop (CCSW) is back !
    InfoSec News: Advance Announcement: 2011 ACM Cloud Computing Security Workshop (CCSW) is back !: Forwarded from: noreply (at) crypto.cs.stonybrook.edu
    2011 ACM Cloud Computing Security Workshop (CCSW) at CCS
    October 21, 2011, SWISSOTEL Chicago http://crypto.cs.stonybrook.edu/ccsw11
    Dear Colleagues,
    CCSW is back! The past workshops were a tremendous success, with over [...]

  • Unfollowed: How a (Possible) Social Network Spy Came Undone
    InfoSec News: Unfollowed: How a (Possible) Social Network Spy Came Undone: http://www.wired.com/dangerroom/2011/04/unfollowed-how-a-possible-social-network-spy-came-undone/
    [When the early information about this story was coming out, it was that @PrimorisEra might have been spotting and assessing targets for a KGB honey pot operation. [...]

  • US-Russian dictionary defines cyber war, other concepts
    InfoSec News: US-Russian dictionary defines cyber war, other concepts: http://gcn.com/articles/2011/04/28/us-russia-cyber-dictionary.aspx
    By William Jackson GCN.com April 28, 2011
    It is all very well to talk about cyberspace and cybersecurity, but what do they mean, exactly?
    A U.S.-Russian effort is proposing common definitions. [...]

  • ICANN taps DefCon founder for top security spot
    InfoSec News: ICANN taps DefCon founder for top security spot: http://www.v3.co.uk/v3-uk/news/2046681/icann-taps-defcon-founder-security-spot
    By Shaun Nichols V3.co.uk 29 Apr 2011
    The Internet Corporation for Assigned Names and Numbers (ICANN) has named Jeff Moss as its new chief security officer.
    A security expert and respected member of the hacking community, Moss is best known for his roles in founding the DefCon and Black Hat security conferences. He has also worked in advisory positions for the US Department of Homeland Security.
    The appointment of Moss will bring to ICANN a security head who is well-versed in the attitudes and techniques which have driven research in both security intrusions and detections in recent years.
    The hiring also comes at a time when ICANN and other internet governance groups are working to roll out security measures such as DNSSEC.
    [...]


  • Teacher Passwords Stolen, Grades Hacked At 3 Seattle High Schools
    InfoSec News: Teacher Passwords Stolen, Grades Hacked At 3 Seattle High Schools: http://www.kirotv.com/education/27708043/detail.html
    By kirotv.com Webstaff April 28, 2011
    SEATTLE -- Someone has stolen teacher passwords and changed grades in a Seattle Public Schools computer system, the district said in an email to teachers obtained Thursday by KIRO 7 Eyewitness News. [...]

  • [ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011)
    InfoSec News: [ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011): Forwarded from: ACM CCS 2011 <acmccs2011 (at) gmail.com>
    Apologies for multiple copies of this announcement. The annual ACM Computer and Communications Security Conference is a leading international forum for information security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. The conference seeks submissions from academia, government, and industry presenting novel research on all practical and theoretical aspects of computer and communications security. Papers should have relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make a convincing argument for the practical significance of the results. All topic areas related to computer and communications security are of interest and in scope. Accepted papers will be published by ACM Press in the conference proceedings. Outstanding papers will be invited for possible publication in a special issue of the ACM Transactions on Information and System Security.
    Paper Submission Process
    Submissions must be made by the deadline of May 6, 2011, through the website:
    http://www.easychair.org/conferences/?conf=ccs2011
    The review process will be carried out in two phases and authors will have an opportunity to comment on the first-phase reviews. Authors will be notified of the first-phase reviews on Monday, June 20, 2011 and can send back their comments by Thursday, June 23, 2011.
    Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, conference or workshop. Simultaneous submission of the same work is not allowed.
    Authors of accepted papers must guarantee that their papers will be presented at the conference.
    Paper Format
    Submissions must be at most 10 pages in double-column ACM format (note: pages must be numbered) excluding the bibliography and well-marked appendices, and at most 12 pages overall. Submissions must NOT be anonymized. Only PDF or Postscript files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits.
    Tutorial Submissions
    Proposals for long (3-hour) and short (1.5-hour) tutorials on research topics of current and emerging interest should be submitted electronically to the tutorials chair by May 24, 2011. The guidelines for tutorial proposals can be found on the website.
    Important Dates
    - Paper submission due: Friday, May 6, 2011 (23:59 UTC - 11) - First round reviews communicated to authors: Monday, June 20, 2011 - Author comments due on: Thursday, June 23, 2011 (23:59 UTC - 11) - Acceptance notification: Friday, July 15, 2011 - Final papers due: Thursday, August 11, 2011
    GENERAL CHAIR:
    Yan Chen (Northwestern University, USA)
    PROGRAM CHAIRS:
    George Danezis (Microsoft Research, UK) Vitaly Shmatikov (University of Texas at Austin, USA)
    PROGRAM COMMITTEE:
    Michael Backes (Saarland University and MPI-SWS, Germany) Bruno Blanchet (INRIA, Ecole Normale Superieure, and CNRS, France) Dan Boneh (Stanford University, USA) Nikita Borisov (University of Illinois at Urbana-Champaign, USA) Herbert Bos (VU, Netherlands) Srdjan Capkun (ETHZ, Switzerland) Avik Chaudhuri (Adobe Advanced Technology Labs, USA) Shuo Chen (Microsoft Research, USA) Manuel Costa (Microsoft Research, UK) Anupam Datta (CMU, USA) Stephanie Delaune (CNRS and ENS-Cachan, France) Roger Dingledine (The Tor Project, USA) Orr Dunkelman (University of Haifa and Weizmann Institute, Israel) Ulfar Erlingsson (Google, USA) Nick Feamster (Georgia Tech, USA) Bryan Ford (Yale University, USA) Cedric Fournet (Microsoft Research, UK) Paul Francis (MPI-SWS, Germany) Michael Freedman (Princeton University, USA) Guofei Gu (Texas A&M University, USA) Nicholas Hopper (University of Minnesota, USA) Collin Jackson (CMU Silicon Valley, USA) Markus Jakobsson (Paypal, USA) Jaeyeon Jung (Intel Labs Seattle, USA) Apu Kapadia (Indiana University Bloomington, USA) Jonathan Katz (University of Maryland, USA) Stefan Katzenbeisser (TU Darmstadt, Germany) Arvind Krishnamurthy (University of Washington, USA) Christopher Kruegel (University of California, Santa Barbara, USA) Ralf Kuesters (University of Trier, Germany) Ninghui Li (Purdue University, USA) Benjamin Livshits (Microsoft Research, USA) Heiko Mantel (TU Darmstadt, Germany) John Mitchell (Stanford University, USA) Fabian Monrose (University of North Carolina at Chapel Hill, USA) Steven Murdoch (University of Cambridge, UK) David Naccache (Ecole Normale Superieure, France) Arvind Narayanan (Stanford University, USA) Kenny Paterson (Royal Holloway, University of London, UK) Niels Provos (Google, USA) Mike Reiter (University of North Carolina at Chapel Hill, USA) Thomas Ristenpart (University of Wisconsin, USA) Hovav Shacham (University of California, San Diego, USA) Adam Smith (Pennsylvania State University, USA) Anil Somayaji (Carleton University, Canada) Francois-Xavier Standaert (UCL, Belgium) Eran Tromer (Tel Aviv University, Israel) Leendert Van Doorn (AMD, USA) Paul Van Oorschot (Carleton University, Canada) Bogdan Warinschi (University of Bristol, UK) Brent Waters (University of Texas at Austin, USA) Robert Watson (University of Cambridge, United Kingdom) Xiaowei Yang (Duke University, USA) Haifeng Yu (National University of Singapore, Singapore)


  • Cyberespionage: US finds FBI agents in elite unit lack necessary skills
    InfoSec News: Cyberespionage: US finds FBI agents in elite unit lack necessary skills: Forwarded from: Justin Lundy <jbl (at) tegataiphoenix.com>
    http://www.csmonitor.com/USA/2011/0427/Cyberespionage-US-finds-FBI-agents-in-elite-unit-lack-necessary-skills
    By Mark Clayton Staff writer The Christian Science Monitor April 27, 2011
    Many of the Federal Bureau of Investigation's field agents assigned to an elite cyber investigative unit lack the skills needed to investigate cases of cyberespionage and other computerized attacks on the US, the Justice Department inspector general reported Wednesday.
    That's a problem because the US is under constant and increasing cyberattack with 5,499 known intrusions into US government computer systems in 2008 alone -- a 40 percent jump from 2007, the inspector general's office found.
    Investigating these kinds of cyberespionage attacks falls largely on the FBI as the lead agency for the National Cyber Investigative Joint Task force, which also includes representatives from 18 different intelligence agencies and is assigned to investigate the most difficult national security intrusions -- those by a foreign power for intelligence gathering or terrorist purposes.
    But in interviews with 36 field agents in 10 of the FBI's 56 field offices nationwide, 13 agents, or more than a third, "reported that they lacked the networking and counterintelligence expertise to investigate national security [computer] intrusion cases." Five of the agents told investigators "they did not think they were able or qualified" to investigate such cases, the report said. The inspector general report does not indicate whether the 36 field agents who were interviewed are a representative sampling of the FBI’s cyber unit.
    [...]

  • Experts dissect hacker attacks during cybersecurity forum at Hagerstown Community College
    InfoSec News: Experts dissect hacker attacks during cybersecurity forum at Hagerstown Community College: http://www.herald-mail.com/news/local/hm-cyber-experts-dissect-hacker-attacks-during-cybersecurity-forum-at-hagerstown-community-college-20110427,0,2996601.story
    By ANDREW SCHOTZ herald-mail.com April 27, 2011
    Experts Wednesday detailed simple and complex ways to protect computers [...]

  • Are we talking "cyber war" like the Bush admin talked WMDs?
    InfoSec News: Are we talking "cyber war" like the Bush admin talked WMDs?: http://arstechnica.com/security/news/2011/04/are-we-talking-cyber-war-like-the-bush-admin-talked-wmds.ars
    By Matthew Lasar Ars Technica April 27, 2011
    Turn any corner in the complex metropolis that is Internet policy and you'll hear about the "cybersecurity" crisis in two nanoseconds. [...]

  • Oracle hedging its vulnerability reports?
    InfoSec News: Oracle hedging its vulnerability reports?: http://www.computerworld.com/s/article/9216213/Oracle_hedging_its_vulnerability_reports_
    By Joab Jackson IDG News Service April 27, 2011
    Oracle may be subtly misleading customers about the severity of some of the vulnerabilities found in its database software, according to [...]