MCYSEKA-Maritime Cyber Security Knowledge Archive

GFI Software researchers have identified 20 Android applications on the Google Play marketplace that lure users with offers of “free” products or money to fill out surveys.

The US National Institute of Standards and Technology (NIST) has published a new protocol for securely communicating with biometric sensors over wired and wireless networks using web services.

The UK’s Serious Organised Crime Agency has today confirmed that a DDoS attack forced it take its website off-line at 22:00 Wednesday. As of writing, 14:30 Thursday, it is still down.

A study by IBM’s Center for Applied Insights concludes that there are now three ‘types’ of CISO: influencers, protectors and responders. Evolution towards the ‘influencer’ role is necessary, and happening.

“While this could be called ‘blackmail,’ we prefer to think of it as an ‘idiot tax’ for leaving confidential data unprotected on a Web server,” announces an unidentified hacker group in a news statement on Pastebin.

Google has updated its Chrome 18 web browser with fixes for five vulnerabilities, including three high-risk flaws.

Steganography is the science of hiding data. Its most common digital use is to hide data within graphics – text hidden in a picture. Al-Qaeda apparently hid documents within porn videos on a memory stick.

While the number of vulnerabilities decreased by 20%, the number of malicious attacks continued to skyrocket by 81% in 2011, according to Symantec’s annual ‘Internet Security Threat Report’.

After being outed by security researcher Joxean Koret, Oracle has issued a fix for a zero-day database vulnerability that can be remotely exploited. It’s a flaw that was supposedly “fixed” in the company’s quarterly security update.

The UK Information Commissioner’s Office (ICO) has fined the Aneurin Bevan Health Board in South Wales £70,000 for a “serious breach” of the Data Protection Act, the first National Health Service (NHS) organization to receive a data breach fine.