$230m fine proposed as penalty to British Airways from the Information Commissioner’s Office for the data breach that is believed to have affected thousands of their customers between April and June 2018. The breach was disclosed in September. Why It Happened ? This attack involved user traffic from British Airways website being diverted to a fraudulent… Read More »British Airways Hacked : Why It Happened & What Can You Learn?
(NASA Hacked) On 21 June, 2019 major news channels disclosed a major hack on NASA. Hackers were able to gain unauthorized access using Raspberry Pi and stole ‘Mars Mission Data’ and breached ‘NASA’s satellite dish network’. This happened around April 2018 and went unnoticed for for almost a year. It is advisable to do an… Read More »NASA Hacked : Why It Happened & What Can You Learn?
In recent past there have been some major breaches and some key reasons responsible for the breach were Shadow IT, Leaked Credentials, 3rd Party/Vendor Risks. Major breaches like American Express, Uber, Dropbox, Dunkin Donuts, British Airways & many more. This research was in line with this to continuosly monitor the web (surface,deep,dark) to understand the leaked credentials,… Read More »Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more
This free document is on Free 3rd Party Information Security Assessment Guideline (Courtesy Cybersecurity Malaysia). Cybersecurity Malaysia has made this great document with authors Nor’azuwa Muhamad Pahri and Noor Aida Idris Third Party Information Assessment Guideline Includes – Pre-Assessment Roles & Responsibilities for Organisations Develop Assessment Requirements Plan and Allocate Resources Evaluate 3rd Party Assessor… Read More »Free 3rd Party Information Security Assessment Guideline
This document is on Supplier Security Assessment Questionnaire (SSAQ) (Security self-Assessment and Reporting) (Courtesy Halkyn Consulting). This includes the following sections – Document Control Supplier Name & Address Assessment Completed by Date of assessment Additional Documents ProvidedRelevant Network Diagram Relevant Security Diagram Relevant System Architecture Technical Interface Design Relevant 3rd Party Security Assessment(s) (e.g. SAS… Read More »Free Supplier Security Assessment Questionnaire