I wrote about security of transactions in a scenario where the attack starts after the transactions were confirmed and attacker has limited time on hand.

I think that the scenario is of practical relevance:

Assume that the checksum of a company's book is regularly committed to the Bitcoin block chain. The CFO learns that an error was made with a time lag.
The question is if he can camouflage it by buying 50%+ mining capacity for a short period of time, that he can afford.