Tag Archives: committee

[ISN] Federal Employee May Have Been Cooking Meth at Government Agency’s Campus

http://www.govexec.com/oversight/2015/07/fbi-and-congress-are-investigating-if-meth-lab-exploded-federal-building/118751/ By Eric Katz Govexec.com July 30, 2015 A federal employee may have recently learned the hard way that cooking meth should be left to the chemistry experts. The FBI and a congressional committee are investigating whether a federal worker was manufacturing methamphetamine in a federal building after a room exploded earlier this month. After a July 18 explosion at a building at the National Institute of Standards and Technology’s Gaithersburg, Md., campus, authorities found many of the key ingredients for making meth and a recipe for the drug, according to News4, the NBC’s Washington, D.C., affiliate. The House Science, Space and Technology Committee is looking into whether a federal police lieutenant who was injured in the blast was involved in cooking the meth. The lieutenant resigned from NIST last week, according to The Washington Post. The officer originally told authorities the blast occurred after trying to refill a butane lighter. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Encryption Hinders Investigations: FBI Chief

http://www.informationweek.com/mobile/mobile-devices/encryption-hinders-investigations-fbi-chief/d/d-id/1321231 By Thomas Claburn Informationweek.com July 8, 2015 FBI Director James Comey appeared before the Senate Judiciary Committee on Wednesday to argue for legal support to weaken strong encryption, which he claims obstructs criminal investigations. The title of the hearing, “Going Dark: Encryption, Technology, and the Balance Between Public Safety and Privacy,” borrows Comey’s characterization of encryption as way to conceal evidence of criminal acts. “We are seeing more and more cases where we believe significant evidence resides on a phone, a tablet, or a laptop—evidence that may be the difference between an offender being convicted or acquitted,” said Comey and Sally Quillian Yates, US Deputy Attorney General, in joint prepared remarks. “If we cannot access this evidence, it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders.” The concerns of Comey and Yates were echoed by Cyrus Vance Jr., District Attorney for New York County, who complained about the device encryption deployed by Apple and Google last fall. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Lawmakers criticize FBI’s request for encryption back doors

http://www.computerworld.com/article/2916895/encryption/lawmakers-criticize-fbis-request-for-encryption-back-doors.html By Grant Gross IDG News Service April 29, 2015 U.S. lawmakers are skeptical of an FBI request for Congress to mandate encryption workarounds in smartphones, with critics saying Wednesday that back doors would create new vulnerabilities that bad guys can exploit. It’s currently impossible for smartphone makers to build in back doors that allow law enforcement agencies access to encrypted communications but also keep out cybercriminals, witnesses and lawmakers said during a hearing before the IT subcommittee of the House Oversight and Government Reform Committee. Law enforcement representatives called on lawmakers to find a way to allow access to encrypted data as a way to prevent serious crime. Late last year, FBI Director James Comey called for a public debate on encryption after Apple and Google announced they would offer new encryption tools on their smartphone OSes. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] House cyber bills may hit floor separately

http://thehill.com/policy/cybersecurity/239062-house-cyber-bills-may-hit-floor-separately By Cory Bennett thehill.com 04/16/15 The two House bills to increase public-private cybersecurity information sharing may hit the floor separately next week after all, despite weeks of speculation the pair would be combined. The House Intelligence and Homeland Security committees have worked since January to develop two complementary bills. Together, the measures would grant companies liability protection when sharing cyber threat data with civilian government agencies. Committee leaders had hoped to merge their efforts before a floor vote to simplify the path to passage. But according to notifications from the House Rules Committee, the two bills will get individual floor votes. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] CfP – Workshop on Security and Privacy in Cloud-based Applications (in conjunction with ARES EU Projects Symposium 2015)

Forwarded from: “Egner, A.I.” *** Apologies for multiple copies *** CALL FOR PAPERS ************************************************************************ Workshop on Security and Privacy in Cloud-based Applications (in conjunction with ARES EU Projects Symposium 2015) Université Paul Sabatier, Toulouse, France, August 24th – 28th, 2015 http://www.ares-conference.eu/conference/ares-eu-symposium/au2eu/ ************************************************************************ Cloud services and cloud-based applications have become increasingly popular in the recent years. Security and privacy of the cloud-based applications have always been major roadblock for wide use of cloud services that involve sensitive data. Therefore this research field attracts a lot of attention from the academia and industry. The aim of the workshop is to provide the environment to exchange ideas and to foster discussions on a broad list of aspects related to privacy and security of cloud-based applications, and to find answers to questions like: How do we design authentication and authorization frameworks for cross-cloud environments, supporting different identity/attribute providers and organizational policies while guaranteeing privacy, security and trust? How can we extend current solutions with higher assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption techniques to address specific security and confidentiality requirements of large distributed infrastructures? What is the best way to validate practical aspects of the cloud-based applications, such as scalability, efficiency, maturity and usability? Next to regular sessions with research papers, the workshop will include an invited talk as well as a round table on “Evolution of privacy-preserving authentication and authorization tools: from concepts to deployment“, presenting the results of the FP7 AU2EU project (http://www.au2eu.eu/). CONFERENCE TOPICS The conference topics include, but are not limited to: – Privacy-preserving Authentication – Attribute-based Authorization – Integrated Authentication and Authorization – Assurance of Claims – Crypto-based Policy Enforcement – Attribute-based Encryption – Secure Data Management – Key Management – Trust Management – Operations under Encryption – Homomorphic Encryption – Searchable Encryption – Privacy-Preserving Data Mining – Security as a Service – Big Data Security PAPER SUBMISSIONS The proceedings of ARES 2014, published by Conference Publishing Services (CPS), are available here in the IEEE XPlore Digital Library. Authors are invited to submit research and application papers according the following guidelines: 8 pages (a maximum of 10 pages is tolerated), two columns, single-spaced, including figures and references, using 10 pt fonts and number each page. Submitted papers will be carefully evaluated based on originality, significance, technical soundness, presentation and clarity of exposition. Simultaneous submission of the same work to multiple venues, submission of previously published work, or plagiarism constitutes dishonesty or fraud. ARES, like other scientific and technical conferences and journals, prohibits these practices and may take action against authors who have committed them. Contact author must provide the following information at the ARES conference system: paper title, authors’ names, affiliations, postal address, phone, fax, and e-mail address of the author(s), about 200-250 word abstract, and about five keywords. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance. Double blind review: ARES requires anonymized submissions – please make sure that submitted papers contain no author names or obvious self-references. Details about submission can be found here: http://www.ares-conference.eu/conference/conference/submission/ IMPORTANT DATES Submission Deadline May 8, 2015 Author Notification June 1, 2015 Proceedings Version June 8, 2015 Conference August 24-28, 2015 PROGRAM CHAIRS – Milan Petkovic (General Chair), Philips Research / Eindhoven University of Technology – Netherlands – Jan Camenisch (Program Co-Chair), IBM Research – Zurich, Switzerland – John Zic (Program Co-Chair), CSIRO – Sydney, Australia – Alexandru Egner (Organization Co-Chair), Eindhoven University of Technology – Netherlands PROGRAM COMMITTEE – Giuseppe Ateniese, Sapienza University of Rome, Italy – George Danezis, University College London, UK – Refik Molva, EURECOM, France – Gerrit Bleumer, Scheidt & Bachmann, Germany – Ljiljana Brankovic, University of Newcastle, Australia – Jeroen Doumen, Irdeto, Netherlands – Csilla Farkas, University of South Carolina, USA – Pietro Colombo, University of Insubria, Italy – Simone Fischer-Hubner, Karlstad University, Sweden – Dieter Gollmann, Hamburg University of Technology, Germany – Tanya Ignatenko, Eindhoven University of Technology, Netherlands – Mizuho Iwaihara, Waseda University, Japan – Sushil Jajodia, George Mason University, USA – Nguyen Manh Tho, Vienna University of Technology, Austria – Guenther Pernul, University of Regensburg, Germany – Bart Preneel, KU Leuven, Belgium – Kai Rannenberg, Goethe University Frankfurt, Germany – Ahmad-Reza Sadeghi, Darmstadt University, Germany – Andreas Schaad, Huawei Research – Yuan Zhang, State University of New York at Buffalo, USA – Sabrina De Capitani di Vimercati, University of Milan, Italy For any questions, please contact the organization co-chair: a.i.egner (at) tue.nl


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Call for Papers – Workshop on Security and Privacy in Cloud-based Applications (in conjunction with ARES EU Projects Symposium 2015)

Forwarded from: “Egner, A.I.” CALL FOR PAPERS ************************************************************************ Workshop on Security and Privacy in Cloud-based Applications (in conjunction with ARES EU Projects Symposium 2015) Université Paul Sabatier, Toulouse, France, August 24th – 28th, 2015 http://www.ares-conference.eu/conference/ares-eu-symposium/au2eu/ ************************************************************************ Cloud services and cloud-based applications have become increasingly popular in the recent years. Security and privacy of the cloud-based applications have always been major roadblock for wide use of cloud services that involve sensitive data. Therefore this research field attracts a lot of attention from the academia and industry. The aim of the workshop is to provide the environment to exchange ideas and to foster discussions on a broad list of aspects related to privacy and security of cloud-based applications, and to find answers to questions like: How do we design authentication and authorization frameworks for cross-cloud environments, supporting different identity/attribute providers and organizational policies while guaranteeing privacy, security and trust? How can we extend current solutions with higher assurance of claims, trust indicators, policy enforcement mechanisms and processing under encryption techniques to address specific security and confidentiality requirements of large distributed infrastructures? What is the best way to validate practical aspects of the cloud-based applications, such as scalability, efficiency, maturity and usability? Next to regular sessions with research papers, the workshop will include an invited talk as well as a round table on “Evolution of privacy-preserving authentication and authorization tools: from concepts to deployment“, presenting the results of the FP7 AU2EU project (http://www.au2eu.eu/). CONFERENCE TOPICS The conference topics include, but are not limited to: – Privacy-preserving Authentication – Attribute-based Authorization – Integrated Authentication and Authorization – Assurance of Claims – Crypto-based Policy Enforcement – Attribute-based Encryption – Secure Data Management – Key Management – Trust Management – Operations under Encryption – Homomorphic Encryption – Searchable Encryption – Privacy-Preserving Data Mining – Security as a Service – Big Data Security PAPER SUBMISSIONS The proceedings of ARES 2014, published by Conference Publishing Services (CPS), are available here in the IEEE XPlore Digital Library. Authors are invited to submit research and application papers according the following guidelines: 8 pages (a maximum of 10 pages is tolerated), two columns, single-spaced, including figures and references, using 10 pt fonts and number each page. Submitted papers will be carefully evaluated based on originality, significance, technical soundness, presentation and clarity of exposition. Simultaneous submission of the same work to multiple venues, submission of previously published work, or plagiarism constitutes dishonesty or fraud. ARES, like other scientific and technical conferences and journals, prohibits these practices and may take action against authors who have committed them. Contact author must provide the following information at the ARES conference system: paper title, authors’ names, affiliations, postal address, phone, fax, and e-mail address of the author(s), about 200-250 word abstract, and about five keywords. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance. Double blind review: ARES requires anonymized submissions – please make sure that submitted papers contain no author names or obvious self-references. Details about submission can be found here: http://www.ares-conference.eu/conference/conference/submission/ IMPORTANT DATES Submission Deadline May 8, 2015 Author Notification June 1, 2015 Proceedings Version June 8, 2015 Conference August 24-28, 2015 PROGRAM CHAIRS – Milan Petkovic (General Chair), Philips Research / Eindhoven University of Technology – Netherlands – Jan Camenisch (Program Co-Chair), IBM Research – Zurich, Switzerland – John Zic (Program Co-Chair), CSIRO – Sydney, Australia – Alexandru Egner (Organization Co-Chair), Eindhoven University of Technology – Netherlands PROGRAM COMMITTEE – Giuseppe Ateniese, Sapienza University of Rome, Italy – George Danezis, University College London, UK – Refik Molva, EURECOM, France – Gerrit Bleumer, Scheidt & Bachmann, Germany – Ljiljana Brankovic, University of Newcastle, Australia – Jeroen Doumen, Irdeto, Netherlands – Csilla Farkas, University of South Carolina, USA – Pietro Colombo, University of Insubria, Italy – Simone Fischer-Hubner, Karlstad University, Sweden – Dieter Gollmann, Hamburg University of Technology, Germany – Tanya Ignatenko, Eindhoven University of Technology, Netherlands – Mizuho Iwaihara, Waseda University, Japan – Sushil Jajodia, George Mason University, USA – Nguyen Manh Tho, Vienna University of Technology, Austria – Guenther Pernul, University of Regensburg, Germany – Bart Preneel, KU Leuven, Belgium – Kai Rannenberg, Goethe University Frankfurt, Germany – Ahmad-Reza Sadeghi, Darmstadt University, Germany – Andreas Schaad, Huawei Research – Yuan Zhang, State University of New York at Buffalo, USA – Sabrina De Capitani di Vimercati, University of Milan, Italy For any questions, please contact the organization co-chair: a.i.egner (at) tue.nl


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] [CFP] BSides Las Vegas August 2015

Forwarded from: BSidesLV CFP: https://bsideslv.org/cfp/ First Round CFP closes April 15th. Round two opens May 25th and closes June 8th. BSidesLV 2015 will consist of seven main speaking tracks and one workshop track.It will also include Passwords, however they have a separate CFP. Look for that at https://passwordscon.org/ Proving Ground – First-time speaker* mentor-ship and scholarship program. Get matched with a great mentor who will assist you in crafting your talk and slides and we’ll cover up to $500 in costs for your trip to Las Vegas. *Regional BSides and local group meetings (OWASP/ISSA/ISACA etc.) do not fall into this category More info: http://www.bsideslv.org/speakers/cfp/proving-ground-call-for-papers/ Breaking Ground – Ground Breaking Information Security research and conversations on the “Next Big Thing”. Interactively discussing your research with our participants and getting feedback, input and opinion. No preaching from the podium at a passive audience. Common Ground – Other topics of interest to the security community. e.g., Lock-picking, hardware hacking, mental health/burnout, Law, Privacy, Regulations, Risk, Activism, etc. Again, interactive discussions with your peers and fellow researchers. Not passive lectures “at” an audience. Underground – OTR talks on subjects best discussed AFK. No press, no recording, no streaming, no names. Just you and your peers, behind closed doors. Think about it. Ground Truth – This  track is focused on innovative computer science and mathematics applied to security. Topics of interest include machine learning, natural language processing, Big Data technologies, cryptography, compression, data structures, zero knowledge proofs or just about anything academically publishable that usually baffles review committees for other conferences. Above The Ground Plane – The team that brings you the Wireless Village at DEFCON and the Wireless Capture the Flag contests at multiple conferences throughout the year is organizing a new speaking track for BSidesLV. The Above The Ground Plane track will consist of any and all forms of exciting hacks and unusual uses of wireless technology. Think you have something new and exciting, spread your spectrum and come share it. Trust us, you ohm it to yourself. Training Ground – Workshops and classes to give our participants hands-on experience and in-depth knowledge. We accept proposals for 1/2 day, full-day and 2-day workshops. We don’t charge for workshops, nor do we pay for them, although we may cover circuit boards. Conference information: https://bsideslv.org More CFP information: https://www.bsideslv.org/speakers/cfp/ CFP: https://bsideslv.org/cfp/ Security BSides Las Vegas, Inc. A 501(c)(3) Non-Profit Educational Corporation http://bsideslv.org info@bsideslv.org https://twitter.com/bsideslv


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Hackers target Birmingham City Council website in sustained attack

http://www.birminghammail.co.uk/news/midlands-news/hackers-made-24000-attempts-attack-8705246 By Neil Elkes Birmingham Mail 24 February 2015 Hackers launched a major attack on Birmingham City Council’s computer system . The authority’s website was hit by a ‘significant attack’ receiving 24,000 hits per minute on Friday in an attempt to breach its security leading to major action to protect the data. Service Birmingham Chief Executive Tony Lubman revealed the attack while appearing before the council’s contracts and partnership committee. He told the panel how fending off attacks takes considerable resources. “Birmingham is by far the largest local authority in Europe. You represent the Government and you are therefore a target,” he said. […]


Facebooktwittergoogle_plusredditpinterestlinkedinmail