In 2012, Saudi Aramco, the prominent global energy company, encountered a severe and unprecedented cyber incident that sent shockwaves through the industry. The company fell victim to a malicious software attack known as Shamoon, which was a devastating assault on Read more…
In 2011, Hungarian cyber security researchers made a significant discovery of three information-stealing malware: Duqu, Flame, and Gauss. This malware was found to be related as they shared the same framework. Duqu, designed for information gathering, attempted to conceal data Read more…
In 2017, a central Indian bank, ICICI Bank, faced a significant phishing attack that targeted its customers. The attack aimed to deceive customers into revealing their sensitive banking information, leading to potential financial fraud and identity theft. The phishing campaign Read more…
In 2016, one of the world’s largest and most prominent technology companies, Google, fell victim to a sophisticated phishing attack. The attack targeted many users, including regular individuals, journalists, and high-profile political figures. The attackers crafted a compelling and deceptive Read more…
In 2020, a leading Indian e-commerce company, Flipkart, experienced a significant phishing attack that targeted its customers. The attack aimed to deceive users into revealing their personal and financial information, potentially leading to identity theft and fraud. The phishing campaign Read more…
Compliance audits are systematic reviews conducted by organizations to assess whether their operations, processes, and activities adhere to applicable laws, regulations, policies, and industry standards. These audits ensure businesses comply with legal and regulatory requirements, internal policies, ethical guidelines, and Read more…
In the realm of cybersecurity, there are numerous methodologies employed to assess and enhance the resilience of an organization’s digital infrastructure. Two commonly discussed practices are Vulnerability Assessment and Penetration Testing (VAPT) and Red Teaming. While these terms may sound Read more…
ISO 27001 and Cyber Essentials are popular frameworks for managing and improving organisation information security. While they share some similarities, they differ in scope, requirements, and objectives. Here is a detailed comparison of ISO 27001 and Cyber Essentials: ISO 27001 Read more…
PIPEDA is the Personal Information Protection and Electronic Documents Act, Canada’s federal privacy law for private sector organisations. Compliance with PIPEDA brings several benefits to organisations operating in Canada. Here are some of the detailed benefits of PIPEDA compliance: Legal Read more…
The American Institute of CPAs (AICPA) established SOC 2, Service Organisation Control 2, a widely accepted auditing standard. It focuses on the controls and processes related to security, availability, processing integrity, confidentiality, and privacy within a service organisation. SOC 2 Read more…