Data Security News
-InfoSec News: Advance Announcement: 2011 ACM Cloud Computing Security Workshop (CCSW) is back !: Forwarded from: noreply (at) crypto.cs.stonybrook.edu
2011 ACM Cloud Computing Security Workshop (CCSW) at CCS
October 21, 2011, SWISSOTEL Chicago
CCSW is back! The past workshops were a tremendous success, with over
By William Jackson
April 28, 2011
It is all very well to talk about cyberspace and cybersecurity, but what do they mean, exactly?
A U.S.-Russian effort is proposing common definitions.
By Shaun Nichols
29 Apr 2011
The Internet Corporation for Assigned Names and Numbers (ICANN) has named Jeff Moss as its new chief security officer.
A security expert and respected member of the hacking community, Moss is best known for his roles in founding the DefCon and Black Hat security conferences. He has also worked in advisory positions for the US Department of Homeland Security.
The appointment of Moss will bring to ICANN a security head who is well-versed in the attitudes and techniques which have driven research in both security intrusions and detections in recent years.
The hiring also comes at a time when ICANN and other internet governance groups are working to roll out security measures such as DNSSEC.
By kirotv.com Webstaff
April 28, 2011
SEATTLE -- Someone has stolen teacher passwords and changed grades in a Seattle Public Schools computer system, the district said in an email to teachers obtained Thursday by KIRO 7 Eyewitness News.
-InfoSec News: [ACM CCS'11] Reminder: Deadline Approaching (May 6, 2011): Forwarded from: ACM CCS 2011 <acmccs2011 (at) gmail.com>
Apologies for multiple copies of this announcement. The annual ACM Computer and Communications Security Conference is a leading international forum for information security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. The conference seeks submissions from academia, government, and industry presenting novel research on all practical and theoretical aspects of computer and communications security. Papers should have relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make a convincing argument for the practical significance of the results. All topic areas related to computer and communications security are of interest and in scope. Accepted papers will be published by ACM Press in the conference proceedings. Outstanding papers will be invited for possible publication in a special issue of the ACM Transactions on Information and System Security.
Paper Submission Process
Submissions must be made by the deadline of May 6, 2011, through the website:
The review process will be carried out in two phases and authors will have an opportunity to comment on the first-phase reviews. Authors will be notified of the first-phase reviews on Monday, June 20, 2011 and can send back their comments by Thursday, June 23, 2011.
Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, conference or workshop. Simultaneous submission of the same work is not allowed.
Authors of accepted papers must guarantee that their papers will be presented at the conference.
Submissions must be at most 10 pages in double-column ACM format (note: pages must be numbered) excluding the bibliography and well-marked appendices, and at most 12 pages overall. Submissions must NOT be anonymized. Only PDF or Postscript files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits.
Proposals for long (3-hour) and short (1.5-hour) tutorials on research topics of current and emerging interest should be submitted electronically to the tutorials chair by May 24, 2011. The guidelines for tutorial proposals can be found on the website.
- Paper submission due: Friday, May 6, 2011 (23:59 UTC - 11) - First round reviews communicated to authors: Monday, June 20, 2011 - Author comments due on: Thursday, June 23, 2011 (23:59 UTC - 11) - Acceptance notification: Friday, July 15, 2011 - Final papers due: Thursday, August 11, 2011
Yan Chen (Northwestern University, USA)
George Danezis (Microsoft Research, UK) Vitaly Shmatikov (University of Texas at Austin, USA)
Michael Backes (Saarland University and MPI-SWS, Germany) Bruno Blanchet (INRIA, Ecole Normale Superieure, and CNRS, France) Dan Boneh (Stanford University, USA) Nikita Borisov (University of Illinois at Urbana-Champaign, USA) Herbert Bos (VU, Netherlands) Srdjan Capkun (ETHZ, Switzerland) Avik Chaudhuri (Adobe Advanced Technology Labs, USA) Shuo Chen (Microsoft Research, USA) Manuel Costa (Microsoft Research, UK) Anupam Datta (CMU, USA) Stephanie Delaune (CNRS and ENS-Cachan, France) Roger Dingledine (The Tor Project, USA) Orr Dunkelman (University of Haifa and Weizmann Institute, Israel) Ulfar Erlingsson (Google, USA) Nick Feamster (Georgia Tech, USA) Bryan Ford (Yale University, USA) Cedric Fournet (Microsoft Research, UK) Paul Francis (MPI-SWS, Germany) Michael Freedman (Princeton University, USA) Guofei Gu (Texas A&M University, USA) Nicholas Hopper (University of Minnesota, USA) Collin Jackson (CMU Silicon Valley, USA) Markus Jakobsson (Paypal, USA) Jaeyeon Jung (Intel Labs Seattle, USA) Apu Kapadia (Indiana University Bloomington, USA) Jonathan Katz (University of Maryland, USA) Stefan Katzenbeisser (TU Darmstadt, Germany) Arvind Krishnamurthy (University of Washington, USA) Christopher Kruegel (University of California, Santa Barbara, USA) Ralf Kuesters (University of Trier, Germany) Ninghui Li (Purdue University, USA) Benjamin Livshits (Microsoft Research, USA) Heiko Mantel (TU Darmstadt, Germany) John Mitchell (Stanford University, USA) Fabian Monrose (University of North Carolina at Chapel Hill, USA) Steven Murdoch (University of Cambridge, UK) David Naccache (Ecole Normale Superieure, France) Arvind Narayanan (Stanford University, USA) Kenny Paterson (Royal Holloway, University of London, UK) Niels Provos (Google, USA) Mike Reiter (University of North Carolina at Chapel Hill, USA) Thomas Ristenpart (University of Wisconsin, USA) Hovav Shacham (University of California, San Diego, USA) Adam Smith (Pennsylvania State University, USA) Anil Somayaji (Carleton University, Canada) Francois-Xavier Standaert (UCL, Belgium) Eran Tromer (Tel Aviv University, Israel) Leendert Van Doorn (AMD, USA) Paul Van Oorschot (Carleton University, Canada) Bogdan Warinschi (University of Bristol, UK) Brent Waters (University of Texas at Austin, USA) Robert Watson (University of Cambridge, United Kingdom) Xiaowei Yang (Duke University, USA) Haifeng Yu (National University of Singapore, Singapore)
-InfoSec News: Cyberespionage: US finds FBI agents in elite unit lack necessary skills: Forwarded from: Justin Lundy <jbl (at) tegataiphoenix.com>
By Mark Clayton Staff writer The Christian Science Monitor April 27, 2011
Many of the Federal Bureau of Investigation's field agents assigned to an elite cyber investigative unit lack the skills needed to investigate cases of cyberespionage and other computerized attacks on the US, the Justice Department inspector general reported Wednesday.
That's a problem because the US is under constant and increasing cyberattack with 5,499 known intrusions into US government computer systems in 2008 alone -- a 40 percent jump from 2007, the inspector general's office found.
Investigating these kinds of cyberespionage attacks falls largely on the FBI as the lead agency for the National Cyber Investigative Joint Task force, which also includes representatives from 18 different intelligence agencies and is assigned to investigate the most difficult national security intrusions -- those by a foreign power for intelligence gathering or terrorist purposes.
But in interviews with 36 field agents in 10 of the FBI's 56 field offices nationwide, 13 agents, or more than a third, "reported that they lacked the networking and counterintelligence expertise to investigate national security [computer] intrusion cases." Five of the agents told investigators "they did not think they were able or qualified" to investigate such cases, the report said. The inspector general report does not indicate whether the 36 field agents who were interviewed are a representative sampling of the FBI’s cyber unit.
By ANDREW SCHOTZ
April 27, 2011
Experts Wednesday detailed simple and complex ways to protect computers
By Matthew Lasar
April 27, 2011
Turn any corner in the complex metropolis that is Internet policy and you'll hear about the "cybersecurity" crisis in two nanoseconds.
By Joab Jackson
IDG News Service
April 27, 2011
Oracle may be subtly misleading customers about the severity of some of the vulnerabilities found in its database software, according to
By Darren Pauli
April 28th, 2011
Sony has confirmed that the credit card details possibly stolen in a breach of its PlayStation Network (PSN) were encrypted.
By James Robinson
26 April 2011
The information commissioner has told a powerful group of MPs that legislation outlawing phone hacking is "very uneven" and "very unclear"
-InfoSec News: USENIX HotSec '11 Submission Deadline Extended: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
I'm writing to remind you that the submission deadline for the 6th USENIX Workshop on Hot Topics in Security has been extended.
Please submit all work by 11:59 p.m. EST on May 12, 2011.
HotSec takes a broad view of security and privacy and encompasses research on new security ideas and problems. Cross-discipline papers identifying new security problems or exploring approaches not previously applied to security will be given special consideration. All submissions should propose new directions of research, advocate non-traditional approaches, report on noteworthy experience in an emerging area, or generate lively discussion around an important topic.
Topics of interest include, but are not limited to the following:
* Large-scale threats * Network security * Hardware security * Software security * Physical security * Programming languages * Applied cryptography * Privacy * Human-computer interaction * Emerging computing environment * Sociology * Economics
Attendance will be limited to 35-50 participants, with preference given to the authors of accepted position papers/presentations.
Submission guidelines and more information can be found at
HotSec '11 will take place Tuesday, August 9, 2011, in San Francisco, CA. It is co-located with the 20th USENIX Security Symposium, which will take place August 10-12, 2011.
We look forward to your submissions.
Patrick McDaniel, Pennsylvania State University HotSec '11 Program Chair hotsec11chair (at) usenix.org
By Gregg Keizer
April 26, 2011
Although the Federal Bureau of Investigation (FBI) said a federal temporary restraining order has crippled the Coreflood botnet in the U.S.
By Kelly Jackson Higgins
April 26, 2011
This time it wasn't an "advanced persistent threat" associated with
By Robert Lemos
April 26, 2011
An Iranian official caused a stir Monday, claiming the nation's cybersecurity experts found another digital attack aimed at the Islamic country's systems.
By LEVI PULKKINEN
April 19, 2011
Law officers have moved to seize a Seattle man's car they claim was used in a "wardriving" spree that saw Seattle-area wireless networks hacked
-InfoSec News: New Workshop: USENIX FOCI '11 Submission Deadline Approaching: Forwarded from: Lionel Garth Jones <lgj (at) usenix.org>
We're writing to remind you that the submission deadline for the first USENIX Workshop on Free and Open Communications on the Internet (FOCI '11) is approaching. Please submit your work by May 1, 2011, at 11:59 p.m. PDT.
By Eric Doyle
April 25, 2011
Cyber-attacks are increasing but national infrastructures are ill-prepared to defend themselves.
By Robert McMillan
IDG News Service
April 25, 2011
If there's a lesson to be learned from last year's Stuxnet worm, it's that the private sector needs to be able to respond quickly to
By Tracy Kitten
Bank Info Security
April 22, 2011
The Oak Ridge National Laboratory, located in Tennessee, recently disconnected Internet access after hackers attacked employees at the federal facility.
-InfoSec News: 2nd CfP: CRiSIS 2011: Risks and Security of Internet and Systems: Forwarded from: Marius Minea <marius (at) cs.upt.ro>
CALL FOR PAPERS [ PDF version at: ]
The Sixth International Conference on Risks and Security of Internet and Systems CRiSIS 2011 Timisoara, Romania, 26-28 September 2011
By Elizabeth Montalbano
April 21, 2011
The Department of Energy's Oak Ridge National Laboratory is investigating a sophisticated phishing attack that forced it to shut down email and Internet access last week.