Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vonahi Security, as a member of the cybersecurity community committed to the prevention of all forms of harassment within our industry, hereby pledges its support for a workplace and community free from harassment and fear.

Although the Sarbanes-Oxley Act of 2002 (SOX) has been around for nearly two decades, many companies still struggle to meet compliance requirements. Initially enacted in response to public companies mishandling financial reporting, SOX is a compliance requirement for all public companies. Understanding SOX compliance, as well as its requirements and controls, helps organizations create more robust governance processes.

As organizations look for ways to improve network performance for user-facing application data, it is becoming increasingly evident that routing requests all the way to internal data centers is the least optimized model. Doing so increases latency, reduces available bandwidth, increases bandwidth requirements at the data center, and increases overall costs.

Cyberint Research observed a number of unsolicited malicious email (malspam) campaigns throughout July 2021 in which Agent Tesla has been used to deliver 'Oski Stealer' to a variety of targets worldwide. First observed around November 2019, Oski Stealer is a popular threat, used to gather credentials and/or financial data from victims, and is readily available to purchase on various cybercriminal forums, typically advertised by a threat actor known as 'oski_seller', for around US$70-100.

- Even as crime numbers fell overall in Singapore between 2016 and 2017, the percentage of cybercrimes grew from 15.6% to 16.6% of total crimes. This motivated the Singapore Police Force and the National Crime Prevention Council to re-enact cybercrime cases in a popular crime watch series. - In Australia, the Australian Cyber Security Centre’s Annual Cyber Threat report shows that a cyber crime is reported, on average, every ten minutes.

With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new developments. One of the latest such updates is the Health Information Portability and Accountability (HIPAA) Enforcement rule, which has caused quite a stir in the industry due to confusion about its applicability.

This is part of my two-part blog series about HALOCHAIN technology. In this introductory blog, you will get a glimpse of SECUDE’s HALOCHAIN technology (Patent Pending) and how it will revolutionize the digital trading business. In my next blog, I will write about how system administrator holds the key to the company’s most critical data and how HALOCHAIN technology can be used to mitigate the risks related to log file manipulations.

Security teams that work in highly regulated industries or build solutions for consumers must adhere to compliance controls and regimes required for their business. One of the most important compliance requirements for many companies is the SOC 2 audit. The SOC 2 audit provides detailed information and quality assurance about essential security factors such as the confidentiality of data under your organization’s stewardship, privacy controls, and many other standards.

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we explore why organizations should implement Zero Trust in 2021. In 2010, John Kindervag introduced the concept of “Zero Trust” which has become a touchstone for cyber resilience and persistent security. Zero Trust is not a security product, architecture, or technology.

Servers are the backbone of an organisation’s IT infrastructure as they provide both information and computational services to its users. And because of their critical role, servers are always a prime target for hackers looking to exploit any vulnerability they can find, leading to data breaches and financial and reputational damage.