Best Practices to Achieve PCI Compliance
Six Best Practices to Achieve Compliance with PCI DSS 4.0

The new PCI DSS 4.0 standards place a razor-sharp focus on security as a continuous process, while adding stringent controls to enhance validation methods. It is therefore imperative that organizations create a well-designed data security and compliance program that continues to evolve and looks beyond the check-box routine.

SISA point of view on Uber breach and Key Learnings
Point of View – Learnings from the Uber Breach

On September 15th, Uber confirmed reports of an organization-wide cybersecurity breach. This is not the first time that Uber has been compromised. Similar incidents were reported in 2014 and 2016, and it appears that hardcoded credentials stored inside code and scripts featured in all three incidents. The recent episode, although claimed to have been an act of fun, does point to a few key learnings.

Browser Automation Framework
The rising threat of Browser Automation Framework: All you need to know!

Recent reports by security analysts and researchers point to an increased use of free-to-use browser automation frameworks by attackers. The framework called Browser Automation Studio (BAS) includes features such as browser emulation, mimicking human behaviour, and the ability to load data from a URL. Some of these features have attracted several distinct threat actors, who are exploiting them to carry out malware and credential stuffing attacks.

Anatomy of a Ransomware Attack
Decoding the Anatomy of a Ransomware Attack

Ransomware is a multi-stage problem that requires a multi-stage solution to effectively contain the attack at any stage. A typical ransomware attack goes through six distinct stages, and deconstructing each of these can help organizations strengthen their preparation and response strategies.
