Recent reports by security analysts and researchers point to an increased use of free-to-use browser automation frameworks by attackers. The framework called Browser Automation Studio (BAS) includes various features such as browser emulation, mimicking human behaviour, and the ability to load data from URL, some of which have attracted several distinct threat actors, who are exploiting these for carrying out malware and credential stuffing attacks.

A subscription-based model like Software-as-a-Service (SaaS), Ransomware-as-a-Service (RaaS) provides users with tools and software to execute ransomware attacks with high-paying rewards that are collectively distributed among all the players involved.

The Indian Computer Emergency Response Team’s (CERT-In) recent Directions cover a host of measures aimed at strengthening the country’s cybersecurity. The larger objective is to capture the Indicator of Compromise (IOCs) and Threat Vectors of each incident and create an Intel database that could be used for securing the cyber defenses.

Ransomware is a multi-stage problem, that requires a multi-stage solution to effectively contain the attack at any stage. A typical ransomware attack goes through six distinct stages, and deconstructing each of these can help organizations strengthen their preparation and response strategies.

Data is the most critical asset for any organization, and businesses cannot ensure its security if they are unaware of its existence and purpose. Data security refers to a set of controls or techniques that ensure the maintenance of confidentiality, integrity, and availability of data throughout its lifecycle.

While PCI DSS 4.0 standards mandate any business that stores, processes, or transmits cardholder data to make substantial changes to their security controls and policies, merchants and service providers are also required to implement stringent controls, especially around authentication, reporting of security events and intrusion-detection systems, among others.

Ransomware gangs, through the expansion of toolset, adoption of new monetization models and use of advanced technology, are re-shaping the attack landscape – moving it away from the commodity-styled ‘spray and pray’ attacks to ones that are more targeted in scope and disruptive in impact.

SISA has been observing that the use of custom malware and genuine tools by intruders, as a defence evasion technique for lateral movement is becoming widespread, necessitating enterprises to invest in robust endpoint response solutions.

The customized approach offers flexibility to organizations that decide to use different methods to achieve security objectives of PCI DSS requirements by determining innovative controls that address evolving threats and technologies.

The newly released PCI DSS 4.0 continues to be hotly debated and discussed, since its launch on 31st March 2022. This post helps answer some of the frequently asked questions on the new standard including implementation queries, to help create awareness and guide organizations in their transition.