Enlace del recurso

Tabla de Contenidos: “…Die Verhandlungen in Wassenaar -- VI. Die Ratifizierung des Luxemburger Abkommens -- VII. …”

Tabla de Contenidos: “…. -- 7:11 Cyber Criminal's Song -- Chapter 8: Exploits Sit Lonely on the Shelf -- 8:1 Please stand -- now, please be seated -- 8:2 Witches, Warlocks, and Wassenaar -- 8:3 Compiler Bug Backdoors -- 8:4 A Protocol for Leibowitz -- 8:5 Jiggling into a New Attack Vector -- 8:6 Hypervisor Exploit, Five Years Old -- 8:7 Stegosploit -- 8:8 On Error Resume Next -- 8:9 Unbrick My Part -- 8:10 Backdoors up my Sleeve -- 8:11 Naughty Signals -- 8:12 Weird Crypto -- Useful Tables -- Index -- Colophon -- Footnotes -- Introduction -- Chapter 0: A CFP with POC -- Chapter 1: Proceedings of the Society of PoC∥GTFO -- Chapter 2: The Children's Bible Coloring Book of PoC∥GTFO…”

“…Contributors to this volume are: Najib George Awad, Henk van den Belt, Nadine Bowers Du Toit, Jaeseung Cha, David Daniels, David Fergusson, Jan Jorrit Hasselaar, Jozef Hehanussa, Allan Janssen, Klaas-Willem de Jong, Viktória Kóczián, Philipp Pattberg, Louise Prideaux, Emanuel Gerrit Singgih, Peter-Ben Smit, Thandi Soko-de Jong, Wim van Vlastuin, Jan Dirk Wassenaar, Elizabeth Welch, Annemarieke van der Woude, and Heleen Zorgdrager…”

Tabla de Contenidos: “…Visa 102 3 Cybersecurity Requirements for Specific Industries 105 3.1 Financial Institutions: Gramm-Leach-Bliley Act Safeguards Rule 106 3.1.1 Interagency Guidelines 106 3.1.2 Securities and Exchange Commission Regulation S-P 109 3.1.3 FTC Safeguards Rule 110 3.2 Financial Institutions and Creditors: Red Flag Rule 112 3.2.1 Financial Institutions or Creditors 116 3.2.2 Covered Accounts 116 3.2.3 Requirements for a Red Flag Identity Theft Prevention Program 117 3.3 Companies that use Payment and Debit Cards: Payment Card Industry Data Security Standard (PCI DSS) 118 3.4 Health Providers: Health Insurance Portability and Accountability Act (HIPAA) Security Rule 121 3.5 Electric Utilities: Federal Energy Regulatory Commission Critical Infrastructure Protection Reliability Standards 127 3.5.1 CIP-003-6: Cybersecurity - Security Management Controls 127 3.5.2 CIP-004-6: Personnel and Training 128 3.5.3 CIP-006-6: Physical Security of Cyber Systems 128 3.5.4 CIP-007-6: Systems Security Management 128 3.5.5 CIP-009-6: Recovery Plans for Cyber Systems 129 3.5.6 CIP-010-2: Configuration Change Management and Vulnerability Assessments 129 3.5.7 CIP-011-2: Information Protection 130 3.6 Nuclear Regulatory Commission Cybersecurity Regulations 130 4 Cybersecurity and Corporate Governance 133 4.1 Securities and Exchange Commission Cybersecurity Expectations for Publicly Traded Companies 134 4.1.1 10-K Disclosures: Risk Factors 135 4.1.2 10-K Disclosures: Management's Discussion and Analysis of Financial Condition and Results of Operations (MD&A) 137 4.1.3 10-K Disclosures: Description of Business 137 4.1.4 10-K Disclosures: Legal Proceedings 138 4.1.5 10-K Disclosures: Examples 138 4.1.5.1 Wal-Mart 138 4.1.5.2 Berkshire Hathaway 143 4.1.5.3 Target Corp 144 4.1.6 Disclosing Data Breaches to Investors 147 4.2 Fiduciary Duty to Shareholders and Derivative Lawsuits Arising from Data Breaches 150 4.3 Committee on Foreign Investment in the United States and Cybersecurity 152 4.4 Export Controls and the Wassenaar Arrangement 154 5 Anti-Hacking Laws 159 5.1 Computer Fraud and Abuse Act 160 5.1.1 Origins of the CFAA 160 5.1.2 Access without Authorization and Exceeding Authorized Access 161 5.1.2.1 Narrow View of "Exceeds Authorized Access" and "Without Authorization" 163 5.1.2.2 Broader View of "Exceeds Authorized Access" and "Without Authorization" 167 5.1.2.3 Attempts to Find a Middle Ground 169 5.1.3 The Seven Sections of the CFAA 170 5.1.3.1 CFAA Section (a)(1): Hacking to Commit Espionage 172 5.1.3.2 CFAA Section (a)(2): Hacking to Obtain Information 172 5.1.3.3 CFAA Section (a)(3): Hacking a Federal Government Computer 176 5.1.3.4 CFAA Section (a)(4): Hacking to Commit Fraud 178 5.1.3.5 CFAA Section (a)(5): Hacking to Damage a Computer 181 5.1.3.5.1 CFAA Section (a)(5)(A): Knowing Transmission that Intentionally Damages a Computer Without Authorization 181 5.1.3.5.2 CFAA Section (a)(5)(B): Intentional Access Without Authorization that Recklessly Causes Damage 184 5.1.3.5.3 CFAA Section (a)(5)(C): Intentional Access Without Authorization that Causes Damage and Loss 185 5.1.3.5.4 CFAA Section (a)(5): Requirements for Felony and Misdemeanor Cases 186 5.1.3.6 CFAA Section (a)(6): Trafficking in Passwords 188 5.1.3.7 CFAA Section (a)(7): Threatening to Damage or Obtain Information from a Computer 190 5.1.4 Civil Actions under the CFAA 193 5.1.5 Criticisms of the CFAA 195 5.2 State Computer Hacking Laws 198 5.3 Section 1201 of the Digital Millennium Copyright Act 201 5.3.1 Origins of Section 1201 of the DMCA 202 5.3.2 Three Key Provisions of Section 1201 of the DMCA 203 5.3.2.1 DMCA Section 1201(a)(1) 203 5.3.2.2 DMCA Section 1201(a)(2) 208 5.3.2.2.1 Narrow Interpretation of Section (a)(2): Chamberlain Group v. …”