USA
India
APAC
Middle East
Rest of the Countries
Pages
- About Sisa
- Application Penetration Testing
- Become Partner
- BH
- Blogs
- Careers
- Case Study
- Compliance
- Cyber Resilience
- Data Protection
- Enquiry
- Events
- Expert Corner – A Comprehensive Guide to Log4j Vulnerability & Combat Techniques
- Home
- IN
- Infosec Reports
- Insights
- login
- Managed Security Services
- Management Team
- News Room
- Privacy Policy
- Resources
- Security Advisory
- Security Testing
- SG
- Sisa News
- Sitemap
- Terms of Use
- Thank You
- Thank You – Brochure
- Thank You – Case Study
- Thank You – InfoSec Report
- Thank You – Security Advisory
- Thank You – Webinar Q&A
- Thank You – White Paper
- Training
- US
- Webinars
- White Papers
Posts by category
- Category: Blogs
- What is a Business Continuity Plan and Why your Company Needs One?
- Rapid Attack Remediation and Cyber Risk Management – Panel Discussion with ISACA Singapore
- VIDIVA Transforms Payment Security – PCI DSS Assessment by SISA
- How to Comply with GDPR Guidelines? Your Complete GDPR Guide
- Key Insights: Decoding RBI instructions on Card Payments Security
- Addressing Existential Cyber Risks in Financial Institutions
- Data Protection and Cybersecurity Regulations in Singapore
- AI in Cybersecurity: Incident Response Automation Opportunities
- Indicators of Behavior: A Shift to Cyber Resilience
- Data Classification: A necessity to secure your business
- 6 Reasons Why You Need Incident Response as a Service
- What is Threat Hunting in cybersecurity domain
- Multinational Restaurant Chain Data Breach – Things You Should Know
- Cyber Resilience in the Aviation Industry
- Nagios XI Security Vulnerabilities Exploited to Run Cryptomining Malware
- MITRE ATT&CK Framework: All you need to know
- Data Discovery for Securing Sensitive Data on the Cloud
- 5 Reasons Why You Should Pursue CPISI 2.0 Certification
- 5 Most Common Application Vulnerabilities and How to Mitigate Them
- Zeoticus 2.0 Ransomware – All You Need to Know
- Nefilim Ransomware
- PCI DSS – 5 Most Commonly Observed Control Failures
- MineBridge Malware Puts Companies on High Alert | Threat Spotlight
- Do You Need to Adhere to PCI PIN Security Requirements?
- How Can CISOs Easily Adopt Zero-Trust Security?
- How to Detect and Prevent DNS Hijacking?
- Introduction to PCI Software Security Framework (SSF)
- GDPR Compliance and Significance of Securing PII
- Data Security during Work from Home with Managed Detection and Response
- Insider Threat: Human Vulnerabilities Resulting in Cyber Attacks
- Importance of Log monitoring and Threat Landscape
- 9 Things to Keep in Mind while Choosing a SIEM Solution
- Two Massive Data Breaches in a Span of Two Weeks. What are the Lessons to Learn?
- Ways to Reduce Rising Email Based Threats and Uphold Better Data Security
- Online Skimming – The Emerging Payment Card Fraud
- How Organizations can Safeguard Personal Identifiable Information (PII)
- Reconnaissance – the Eagle’s Eye of Cyber Security
- Why do Organizations need to invest in PCI Training?
- Everything you Wanted to Know About PCI SAQ (Self-Assessment Questionnaire)
- How Data Discovery Tools Can Help Zero-in on Data Non-Compliance
- How to Protect your Organization from a Potential Breach
- The Biggest Info-Security Learning from 2018
- Cryptojacking – Threat, Impacts and how to protect business from becoming a victim
- Top 5 Points to consider before meeting your MDR Solution Provider
- Why you should upgrade your MDR solution in 2019
- Securing your organization with credential-based vulnerability assessment
- Mitigating Data Breaches in Payment Security with SISA’s PaySIRF
- Top 5 Considerations in PCI DSS Card Data Discovery
- Cyber Security Risks In Social Media Banking
- PCI Standards for India’s Emerging Digital Payment Modes
- 8 Immediate Steps post resurfacing of Fake Response Malware
- PCI SSC Announces the GEAR Members
- Norm on Storage of Payment System Data by RBI
- Maintaining Sustainable PCI DSS Compliance
- How to Secure Mobile Payment Applications
- Scoping for PCI DSS Compliance
- EMV and PCI DSS – Complementing or competing standards?
- Getting Ready for Cyber Security
- Understanding PCI DSS Penetration Test Guidance v1.0
- PCI DSS for e-Commerce/m-Commerce: Challenges and Remediations
- Information Security Facet of Data Protection Act UK
- Evolving trends in Payment Card industry
- POS Malware (Stealth tool to steal the valuable Card Details in your Pocket)
- Adobe Flash Zero-Day Vulnerability – Operation Clandestine Wolf by FireEye
- Judgment Day – Quashing of Section 66A of IT (Amendment) Act 2008
- SSL is Dead: What to do for PCI DSS Compliance
- Healthcare Interoperability – Privacy & Security
- Internet of Things – The Changing Information Landscape
- Risk Assessment Challenges and Opportunities
- Why to integrate PCI DSS and HIPAA?
- Risk Analysis – Success Factor for HIPAA Compliance
- How to Combat Card Data Breaches?
- How Not to Fail in PCI DSS Compliance?
- Have Indian Companies Got It Right On Payment Card Security?
- Android, is it Secure?
- NFC payment – New milestone in Payment Industry
- How to select the best PCI compliance service provider
- Comparison between ISO 27005, OCTAVE & NIST SP 800-30
- Detecting Card Numbers
- Combat social engineering attacks with these mantras
- Identifying Web Application Firewall in a Network
News
- SISA at First-ever PCI India Forum, March 2019
- Dharshan Shanthamurthy Addresses ISACA Bangalore Chapter
- QIIB awarded prestigious Certification (PCI-DSS) for excelling in Information Security
- Multinational Restaurant Chain Data Breach Resurfaces; Customer Location, Mobile Numbers Exposed
- Data Breach in the Aviation Industry, worse than first thought
- NIST publishes draft cybersecurity framework for ransomware risk management
- Hackers Tricked Microsoft Into Certifying Malware That Could Spy on Users
- Cybercriminals took advantage of WFH to target financial services companies
- Cyberattacks Should be Treated as a National Disaster in the U.S.
- API Security: An Emerging CISO Pain Point
- What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does, when it gets in
- PCI Security Standards Council and the Cloud Security Alliance issue guidance on scoping cloud environments
- EHR cyberattack, downtime caused $112.7M in lost revenue, recovery
- Hacker returns more than $260 million in a cryptocurrency attack
- 7 in 10 Organizations in India Likely to Suffer a Data Breach Next Year: Report
- Shadow IT Risks CISOs Should Know
- ReverseRAT 2.0 Uses Nightfury Agent to Target New Victims
- Glowworm: An Attack Technique that Recovers Sound via LED
- The Tokyo Olympics are a cybersecurity success story
- Dallas cops lost 8TB of criminal case data during bungled migration, says the DA… four months later
- Sensitive government data could be another casualty of Afghan pullout
- Unpatched Fortinet Bug Allows Firewall Takeovers
- Ransomware: Now attackers are exploiting Windows PrintNightmare vulnerabilities
- Microsoft warns of widespread open redirection phishing attack – which Defender can block, coincidentally
- FBI, CISA warn of potential cyberattacks over holiday weekends
- Atlassian Confluence flaw actively exploited to install cryptominers
- SolarWinds hackers targeted Autodesk in latest confirmed fallout
- IoT Attacks Skyrocket, Doubling in 6 Months
- US Cyber Command Warns of Ongoing ‘Mass Exploitation’ of Critical Confluence Vuln
- Attackers Exploiting Windows Zero-Day Flaw
- Device Management Issues in Corporate Environments
- University of Minnesota Unveils Center for Medical Device Cybersecurity
- Google patches two Chrome zero-days
- Over 60 million wearable, fitness tracking records exposed via unsecured database
- The state of ransomware: national emergencies and million-dollar blackmail
- Victoria launches five-year, AU$50 million cyber strategy
- Ongoing Phishing Campaign Targets APAC, EMEA Governments
- Tokenization – paving the way for the future of payments
- Security audit raises severe warnings on Chinese smartphone models
- Second farming cooperative shut down by ransomware this week
- Multi-party breaches cause 26-times the financial damage of the worst single-party breach: Report
- This phishing-as-a-service operation is responsible for many attacks against businesses, says Microsoft
- Hunker down: The chip shortage and higher prices are set to linger for a while
- Wide-ranging BEC scam underscores dangers of doing business with (un)trusted suppliers
- Microsoft warns: Active Directory FoggyWeb malware being actively used by Nobelium gang
- CISA Launches Insider Threat Self-Assessment Tool
- Telegram bots are trying to steal your one-time passwords
- Fired IT admin revenge-hacks school by wiping data, changing passwords
- Digital transformation forces manufacturers to take a more unified asset management approach
- Hackers rob thousands of Coinbase customers using MFA flaw
- Hackers breach nine global organizations in ongoing espionage campaign
- Robinhood breach leaks information of 7 million people
- CISA warns of equipment vulnerabilities from multiple vendors
- The Biggest Ransomware Bust Yet Might Actually Make an Impact
- DDR4 memory protections are broken wide open by new Rowhammer technique
- This mysterious malware could threaten millions of routers and IoT devices
- US, Australia and UK warn Iranian hackers leveraging known vulnerabilities to deploy ransomware
- Hackers Compromised Middle East Eye News Website to Hack Visitors, Researchers Say
- Hackers Exploiting ProxyLogon and ProxyShell Flaws in Spam Campaigns
- Hackers used Magento flaw to steal credit card details from thousands of online retailers
- The ransomware threat is getting worse. But businesses still aren’t taking it seriously
- Ransomware warning: Hackers see holidays and weekends as a great time to attack
- Microsoft Defender for Endpoint laid low. Not by malware, but by another buggy Windows patch
- Shopping online? FBI says beware of these holiday scams and phishing threats
- Hackers are targeting this Microsoft Windows Installer flaw, say security researchers
- Hackers are turning to this simple technique to install their malware on PCs
- Kronos ransomware attack may cause weeks of HR solutions downtime
- CISA adds Log4j to critical vulnerabilities list
- Second Log4j vulnerability found; Apache releases patch
- Thousands of Industrial Systems Targeted With New ‘PseudoManuscrypt’ Spyware
- Belgian Defense Ministry confirms cyberattack through Log4j exploitation
- Brand-New Log4Shell Attack Vector Threatens Local Hosts
- This ransomware strain just started targeting lots more businesses
- Police found 225 million stolen passwords hidden on a hacked cloud server
- Log4j flaw: Attackers are ‘actively scanning networks’ warns new CISA guidance
- Recent Ransomware Trends Reinforce the Need for Cyber Hygiene, Collaboration
- Work-from-Anywhere Requires “Work-from-Anywhere Security”
- Ongoing Phishing Campaign Targets APAC, EMEA Governments
- Tokenization – paving the way for the future of payments
News Room
- SISA Information Security Becomes One of CERT-In Empanelled Information Security Audit Service Providers
- Payment security SISA forges strategic partnership with fintech firm Bankograph
- CPISI Workshop Receives Overwhelming Response from Payment Security Professionals in the US
- MTB receives PCI DSS certificate from SISA
- SISA Conducts Another Successful PCI DSS Implementation Workshop in the USA
- SISA Validates Al Baraka Bank for being PCI DSS v3.2.1 Compliant
- Bahrain Commercial Facilities Company attains PCI DSS Certificate from SISA
- UAE’s National Bank of Umm Al- Qaiwain achieves PCI DSS compliance
- ANNOUNCEMENT: SISA awarded CREST Penetration Testing and Vulnerability Assessment Accreditation
- SISA certifies BRAC Bank on PCI DSS v3.2.1
Case Studies
- Simplifying PCI DSS Certification and Bolstering Security with SISA Radar – Data Discovery Tool
- Structured Approach to Multi-Location PCI DSS Compliance for Better Time Management
- Helping Legacy Bank Achieve PCI Compliance in Record Six Months
- Mitigating Potential Data Breach through Lateral Movement Hunting
- Mitigating Privilege Escalation Attack by User Behaviour Analysis and Threat Hunting
- Reinforcing email security by building an improved security architecture
- Enhancing the Security Posture of an Insurance Company with VAPT
- Securing Valuable Healthcare Data Assets by Performing High-Level VAPT
- Leading Bank Embraces Data Discovery to Transform its Compliance Governance
- Leading BPO Transforms Its Application Security Approach, Forever
White Papers
- Detecting a Fake Response Malware Attack
- A practical application of AI and Data Analytics to improve effectiveness of SOC
- The Evolution of PCI 3D Secure and what’s next?
- RBI PPI Technical Security Audit Compliance in Cloud
- RBI Issues Master Direction on Digital Payment Security Controls
- RBI Guidelines on Regulation of Payment Aggregators & Payment Gateway
- RBI System Audit Report (SAR Audit)
- NPCI System Audit Report (SAR Audit)
- RBI Comprehensive Cyber Security Framework for Primary (Urban) Cooperative Banks: A Graded Approach
- NPCI Circular – Third Party Payment Application Providers (TPAP)
- RBI Guidelines on Tokenization in Card transactions
- RBI Cyber Security Framework for Scheduled Commercial Banks (SCBs)
- RBI Information System (IS) Audit
- DIGITIZATION IN UAE | An Answer to the Rising Threats and Vulnerabilities
Webinars
- RBI’s Tokenisation Circular Latest Update – What do you need to know?
- What is Apache Log4j vulnerability (CVE-2021-44228) and how it can impact you?
- Fireside Chat with Jeff on Ransomware Resiliency
- Panel Discussion: Decoding RBI’s Circular on Tokenisation
- ISACA Singapore: Improving Resilience with Rapid Attack Remediation and Cyber Risk Management
- Panel Discussion: Breaking Down Data Leaks and Data Security
- Panel Discussion: Addressing the Rising Risk in Mobile and Internet Banking
- Webinar: MAS Revised Guidelines for Risk Management – Get Compliant and Stay Resilient
- Panel Discussion: Decoding RBI instructions on Card Payments Security
- Webinar: New RBI Guidelines – How it Affects Payment Gateways and Aggregators
- USA Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- SAARC Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Threat Hunting – A Quick Guide for Analyzing Dynamic Threat Environments
- Webinar: RBI Master Direction for Financial Institutions: Get your assessment done.
- Webinar: Why Discovering Your Sensitive Data is More Important Than Ever?
- Webinar: Staying Resilient to Breaches and Ensuring PCI-DSS Compliance
- PCI SSF is replacing PA DSS. What’s your next step?
- RBI’s Master Direction on Digital Payment Security Controls – Panel Discussion
- Preventing Human Errors in Cybersecurity
- 5 Power Tips to Ensure Cloud Security in 2021
- The Top 10 Cybersecurity Stories of 2020 | Lessons We Learnt
- Preventing a Ransomware Attack Is Within Our Reach
- Cyber risk is everywhere. Where to look and what to look for?
- Exploring PCI Software Security Standards Framework
- SISA’s Top 5 Forensic Driven Learnings – Report Launch and Panel Discussion
- The Complete Guide to Strengthen Incident Response Plan: Mitigating the Current Day Threats
- Tackling End-Point Security Risks with Risk Assessment
- CyberSec Code Black – MDR to Rescue
- Work-from-Home: Implications & Strategies to Remain Compliant with PCI Standards
- The Jack of Payment Card Industry – PCI PIN Security
- Evolving Payment Security Standards – Expectation and Implications
- PCI Software Security Standards Framework, an evolution away from PA DSS
- Lessons Learned from Data Breaches in 2018
- Nine Yards of PCI PIN Security Requirements
- How to secure Mobile Payment Application
- Integrating PCI Compliance with HIPAA
- Decoding Key Management for PCI DSS
- Risk Analysis for HIPAA: Tool for Optimal Security
Events
- Payment Data Breach Live Simulation – Bangalore
- Payment Data Breach Live Simulation – Doha
- Payment Data Breach Live Simulation – Chennai
- SISA exhibits at Seamless Summit Asia 2019, Singapore
- SISA exhibits at PCI SSC 2019 North America Community Meeting, Canada
- SISA exhibits at 2019 Europe Community Meeting, Ireland
- SISA exhibits at 2019 Asia-Pacific Community Meeting, Australia
- VISA Security Summit – What COVID-19 has revealed about remote PCI DSS Implementation?
- Attend PCI SSC 2021 Global Community Forum
- SISA at DSCI’s 16th Annual Information Security Summit 2021
- Panel Discussion | Future of Digital Risk Management for Financial Institutions
Infosec Reports
Security Advisory
- PIPKA Advisory
- Emotet Malware
- PCI DSS Controls for Work from Home setup
- Maze.Ransomware – New Destructive Malware Strain
- REvil Ransomware AKA Sodinokibi (RaaS)
- ProLock Ransomware
- ColdLock Ransomware
- Panther Ransomware
- MosaicRegressor Malware
- Ghimob malware can spy on 153 Android mobile applications
- SolarWinds Fallout: How The Sunburst Attack Happened
- Clop Ransomware: Don’t Think It Can Happen to You?
- How to Prevent a Potential Fortinet FortiOS Breach: All You Need to Know
- Codecov Breach: All Questions Answered
- DarkSide Ransomware Operations
SISA is a forensics-driven cybersecurity company, trusted by organizations across the globe, for securing their businesses with robust preventive, detective, and corrective security services, and solutions. SISA offers a comprehensive bouquet of advanced products and services for risk assessment, security compliance & validation, monitoring & threat hunting, as well as training for various payment security certifications.
Industry recognition by CREST, CERTIN, SWIFT and the PCI DSS council, serves as a testament of our skill, knowledge, and competence.
As a global forensic investigator of cyber breaches, we leverage our learnings to provide true security, fanatic support and 10X business value to our customers. With 2000+ clients spread across 40+ countries, we service our clients through our delivery centres in the U.S.A, U.K, Bahrain, U.A.E, Saudi Arabia, India, Singapore, and Australia.
Facebook
Linkedin 
Twitter
Youtube