Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

Security Update: Transaction Reversal Fraud - UK Edition

On November 21st, NCR issued a security alert for a new form of Transaction Reversal Fraud (TRF) occurring in the UK, typically between 10 PM and midnight on any given day. Contrary to previously reported TRF attacks in which cash is pried from the dispenser after a payment reversal is initiated due to the jamming of the card reader, this new method does not require any interaction with the card reader or the use of modified cards.

Vendor Risk Assessment Questionnaire Template

A vendor risk management questionnaire (also known as a third-party risk assessment questionnaire or vendor risk assessment questionnaire) is designed to help your organization identify potential weaknesses among your third-party vendors and partners that could result in a data breach, data leak or other type of cyber attack.

Security for Cloud Services: PaaS Deep Dive

Traditional IT organisations have seen significant gains in adopting Platform as a Service (PaaS) solutions. In this blog post, the second in a series looking at the ways to adapt your security operations to reflect the new technologies of cloud solutions, we’re going to look at what you should consider when implementing your security controls for a PaaS environment.

Ransomware: 'Tis the Season for Retailers to be Prepared

‘Tis the season! Winter holidays are upon us, and with it brings the yearly high-volume online shopping season we all know as Black Friday/Cyber Monday (BFCM). With the total US consumer spending estimated at over $717 billion in the 2018 BFCM season, retailers know that the next few weeks are a critical time for their infrastructure. Unfortunately, so do ransomware attackers.

Cloud Security Threats: Escaping the Egregious Eleven - Part Two

Depending on your familiarity with the Cloud Security Alliance (CSA) publications, part one of this blog was intended as either an introduction or a nagging reminder of the ‘Egregious Eleven’ security threats to cloud computing. It also hopefully made some helpful observations about the first six items on the list. Part two now looks at the remaining five threats, starting with...

Weekly Cyber Security News 22/11/2019

A selection of this week’s more interesting vulnerability disclosures and cyber security news. Leaky bucket time once again. With so much effort by the providers to make it as hard as possible to accidentally expose data, then for the devs to try really hard to undo all of that because they are too lazy (or lack understanding) to do a proper job, is utterly mystifying. Please, please try and make the effort...

What is an Incident Response Plan?

An incident response plan is a set of written instructions that outline your organization's response to data breaches, data leaks, cyber attacks and security incidents. Incident response planning contains specific directions for specific attack scenarios, avoiding further damages, reducing recovery time and mitigating cybersecurity risk. Incident response procedures focus on planning for security breaches and how organization's will recover from them.

The Importance of Alert Grouping

Alerts are one of the most important information sources when it comes to cyber security. They notify and inform your IT team about ongoing cyber threats, security events and any other incident that might threaten your organization. In this article, we will focus on alert grouping and why it is important for the security of your organization.