“See who’s tracking your email” What if we tell you that all our emails are being tracked and our information is being collected. Yes, it is high time we take security seriously and understand the gravity of the scenario. SPY PIXELS: To start with, let us first understand what spy pixels are. Spy pixels which are also known as tracking pixels or web beacons. They are invisible and tiny image files( .PNGs and .GIFs) which are inserted in the content body of an email. They may appear as clear, white…
Category: Incidents
FireEye Cyber breach – PART II
No organization is 100% secure – ever! As FireEye continued to investigate and identify the root cause of their security incident, they identified a global campaign that introduced a compromise into the networks of public and private organisations through the software supply chain. FireEye identified that this compromise was delivered through a widely used IT infrastructure management and remote monitoring software – SolarWinds. Although FireEye hasn’t attributed this attack to any particular group, based on several media reports, it is believed that this attack was carried out by a nation-state…
Fireeye Cyber Breach – PART I
No organization is 100% secure – ever! FireEye is one of the world’s renowned cybersecurity firms with customers including major government agencies and enterprise customers around the world. The company is known for its world-class research on state-sponsored threat actors and its incident response capabilities. On 8th December 2020, FireEye CEO Kevin Mandia said in a public statement that they were recently attacked by a highly sophisticated threat actor. “This attack is different from the tens of thousands of incidents we have responded to throughout the years. The attackers tailored…
Manchester United Cyber Attack
“A Cyber Gun to the Head” The Red Devils were attacked and it is believed that the cyber criminals are holding them to ransom for millions of pounds after hacking into their system. Manchester United released a statement late on Friday, 20 Nov of an attack on their IT systems that took place that very evening. The attack was identified and shut down by the cyber defences set up by the club’s IT team. It’s rumoured to be a ransomware attack for which the club has neither agreed or denied…
Risk Management
“Be Prepared for Anything!” What is Risk Management? Risk Management can be defined as the process of identifying, evaluation and prioritization of risks and further plan to monitor and reduce the impact of unfortunate incidents. ISO 31000 classifies risk management process into the following steps; communication and consultation; establishing the context; risk assessment, risk identification; risk analysis; risk evaluation; risk treatment; monitoring and review. Risk Management is an iterative process. Why is it important? Risk can come from different sources in and out of an organization. It is important to…
COMMON VULNERABILITIES AND EXPOSURES (CVE) – October 2020
In the fast moving world of cybersecurity, it is necessary for us to stay updated of the latest vulnerabilities and patch them immediately to prevent any incident from occurring.
WHAT IS A FIREWALL? – IMPORTANCE & TYPES OF A FIREWALL
There are hackers spreading malicious data to your networks and a firewall acts as a barrier to prevent the entry of malicious data into the network by blocking unknown traffic from entering your network and thereby securing the network from cyber attacks.
Phases of a penetration test
In this article, we will look at the various steps involved in a pen test. Although different frameworks or methodologies might state fewer steps than those listed below, the steps below would be included in one form or another:
Cybersecurity Checklist
A detailed look into cybersecurity checklist that an organisation can follow to avoid any security incidents and financial loss in the future due to poor security posture.
Information Security Management Systems
A company is only as strong as the rules it’s built on.