Master Copies, Unique Copies and Volitional Conduct: Cartoon Network’s Implications for the Liability of Cyber Lockers

As technology advances, new types of devices and increasing compatibility of data formats make it possible to use files previously accessible on only one or two devices. For example, a person might wish to access a business file (formerly stored on a work computer or perhaps even in a file cabinet at the office) from her smart phone. Similarly, another might wish to access his MP3 collection (stored on an iPod or personal computer) from his work computer. Such technological progress has paved the way for innovative digital, cable and Internet services that enable users to enjoy copyrighted content in new ways: from time-shifting via VCRs to place-shifting via new TV devices; from instantly purchasing a movie through video on demand to watching a live stream of sports coverage on the Internet. One type of service that has recently proliferated is the digital storage locker—also known as the cyber locker

Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse

Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register domains that combine a popular trademark with one or more phrases (e.g., betterfacebook[.]com, youtube-live[.]com). We perform the first large-scale, empirical study of combosquatting by analyzing more than 468 billion DNS records---collected from passive and active DNS data sources over almost six years. We find that almost 60% of abusive combosquatting domains live for more than 1,000 days, and even worse, we observe increased activity associated with combosquatting year over year. Moreover, we show that combosquatting is used to perform a spectrum of different types of abuse including phishing, social engineering, affiliate abuse, trademark abuse, and even advanced persistent threats. Our results suggest that combosquatting is a real problem that requires increased scrutiny by the security community.Comment: ACM CCS 1

User-profile-based analytics for detecting cloud security breaches

While the growth of cloud-based technologies has benefited the society tremendously, it has also increased the surface area for cyber attacks. Given that cloud services are prevalent today, it is critical to devise systems that detect intrusions. One form of security breach in the cloud is when cyber-criminals compromise Virtual Machines (VMs) of unwitting users and, then, utilize user resources to run time-consuming, malicious, or illegal applications for their own benefit. This work proposes a method to detect unusual resource usage trends and alert the user and the administrator in real time. We experiment with three categories of methods: simple statistical techniques, unsupervised classification, and regression. So far, our approach successfully detects anomalous resource usage when experimenting with typical trends synthesized from published real-world web server logs and cluster traces. We observe the best results with unsupervised classification, which gives an average F1-score of 0.83 for web server logs and 0.95 for the cluster traces

Data security awareness within the scope of digital public relations practices and privacy

Public relations (PR) practices vary in parallel with the devel- opments in cornmunication technologies and the progress of web 2.0 and 3.0 technologies and are increasingly acquiring a digital form. Such circumstances bring PR practices to digital platforms, which are currently digital public relations. The concept of digi- tal public relations; effectuates the strategic relationship manage- ment goals based on favorable between the organization and its target audiences via digital platforms. Hence, conveying the PR career to the extended reality (XR) -most probably the metaverse- has evolved additionally. On the contrary, the digitalization of everything-things drives ali business processes computer-based and refines them in data/info security..

Kill the Dinosaurs, and Other Tips for Achieving Technical Competence in Your Law Practice

It is a challenge to practice law in the digital age. This is particularly true when a practice involves significant e-Discovery, Intellectual Property, and technology law—areas in which technical issues merge with legal ones. One of the major challenges of bringing a law practice up to twenty-first-century standards relates to dinosaur thoughts, a.k.a. an “old ways are best” mentality

A Shift from Cloud Computing Model to Fog Computing

Cloud computing has provided many opportunities to businesses and individuals. It enables global and on demand network access to a shared pool of resources with minimal management effort. However, this bliss has become a problem for latency-sensitive applications. To improve efficiency of cloud and to reduce the amount of data that needs to be transported to the cloud for data processing, analysis and storage, a new network architect technology 'Fog Computing' has been introduced. In fog computing, small applications and resources are processed at the edge of the cloud, rather than processing entire applications on the cloud

Security Posture: A Systematic Review of Cyber Threats and Proactive Security

In the last decade, several high-profile cyber threats have occurred with global impact and devastating consequences. The tools, techniques, and procedures used to prevent cyber threats from occurring fall under the category of proactive security. Proactive security methodologies, however, vary among professionals where differing tactics have proved situationally effective. To determine the most effective tactics for preventing exploitation of vulnerabilities, the author examines the attack vector of three incidents from the last five years in a systematic review format: the WannaCry incident, the 2020 SolarWinds SUNBURST exploit, and the recently discovered Log4j vulnerability. From the three cases and existing literature, the author determined that inventory management, auditing, and patching are essential proactive security measures which may have prevented the incidents altogether. Then, the author discusses obstacles inherent to these solutions, such as time, talent, and resource restrictions, and proposes the use of user-friendly, open-source tools as a solution. The author intends through this research to improve the security posture of the Internet by encouraging further research into proactive cyber threat intelligence measures and motivating business executives to prioritize cybersecurity