MCYSEKA-Maritime Cyber Security Knowledge Archive

Google has changed its Play Store policy to make bait and switch malware tactics more difficult – an app that is downloaded via the Google Play mechanism must now also be updated via the Google Play mechanism.

Safari, the world’s fourth most popular browser, contains a universal cross-site scripting bug that could be exploited to steal cookies, passwords or files, perform cross-site request forgeries (CSRF) or install viruses via malicious Javascript.

Tiny Iceland has a history of facing down larger adversaries (in 1976 it ‘won’ the Cod Wars against the UK; in 2011 it sent US agents packing for not obeying protocol). But now it will face renewed scrutiny from two of the world’s most powerful agencie…

A couple of weeks ago, we were approached (independently) by two blind security enthusiasts who both drew our attention to the fact that Kali Linux had no built-in accessibility features. This made Kali difficult, if not impossible, to both install and…

Privileged accounts with insufficient security is a prime vector for targeted cyber-attacks, leading to theft, misuse and exploitation, and their compromise is becoming a key tactic in each phase of an advanced persistent threat (APT) attack cycle.

CISOs need to change their approach if they are to make their voice heard

Large-scale financial cybercrime and state-affiliated espionage dominated the security landscape in 2012, taking top (dis)honors for being behind the most breaches during the year.

Hacktivism and espionage are poised for growth, but cyberthreats will continue to follow the money.

More small firms are the victims of cyber attacks, and the cost of breaches is rising across the board, according to a PwC-BIS survey.

Advanced evasion techniques (AETs) rarely receive the full publicity they deserve – possibly because it is a term originally coined by one manufacturer (Stonesoft) to describe how attackers defeat other security manufacturers.