Tag Archives: security

Proxy vs VPN

What is Proxy? An internet proxy (or proxy server) is an intermediary system that sits between your device and the internet. When you use a proxy, your internet requests (like visiting a website) are first sent to the proxy server. The proxy then forwards these requests to the destination website or online service on yourContinue reading “Proxy vs VPN”

May 2025: Major Data Breaches and Cyber Attacks

South African Airways hit by cyber attack South African Airways (SAA) has become the latest organisation to fall victim to a cyber attack. In a statement released today, the flagship carrier of South Africa says it has been impacted by a significant cyber incident that began on Saturday, 3 May. According to SAA, the breachContinue reading “May 2025: Major Data Breaches and Cyber Attacks”

Transitioning to PCI DSS 4.0: Essential Compliance Updates

The shift from PCI DSS 3.2.1 to 4.0 brings critical security enhancements to protect payment card data against evolving cyber threats. If your organization processes payments, these changes will impact you. The below table highlights changes for each requirement: Requirement PCI DSS v3.2.1 PCI DSS v4.0 (Changes & Enhancements) 1: Install and maintain a firewallContinue reading “Transitioning to PCI DSS 4.0: Essential Compliance Updates”

March 2025: Major Data Breaches and Cyber Attacks

Data breach at Japanese telecom giant NTT hits 18,000 companies Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. The data breach was discovered in early February 2025, but the exact date when the hackers gained initial access to NTT’s systemsContinue reading “March 2025: Major Data Breaches and Cyber Attacks”

AWS Security – Part 1- Securing Root Account with MFA

Task: Create AWS account and set up for below tasks What is the need to perform this: Securing an AWS root account is crucial because it has unrestricted access to all resources and services within your AWS environment. If compromised, an attacker could delete resources, steal data, or even lock you out of your ownContinue reading “AWS Security – Part 1- Securing Root Account with MFA”

Audit Conclusions

Objectives of Audit Conclusions Preparing Audit Conclusions ISO 19011, clause 6.4.9 Before the closing meeting, the auditors meeting consult each other to: Discussing Audit Conclusions with the Auditee It is important to discuss audit findings and conclusions with the management before the closing meeting and submitting the final report to: Closing Meeting Agenda Model PreparingContinue reading “Audit Conclusions”

Stage 2 audit

Objectives of Stage 2 Audit Step 1 Conducting the opening meeting ISO 19011, Clause 6.4.3 The purpose of the opening is to: Step 2 Collecting Information Information can be collected in the form of: and many more… Audit Procedure – Interview Ask employees and other interested persons (third parties) questions (verbal or written) to gatherContinue reading “Stage 2 audit”

Stage 1 Audit

Objectives of the Stage 1 Audit Stage 1 Audit steps Site Visit Activities To be Carried Out Document review The main objectives of the document audit are: • General understanding of the operation of the management system • Evaluation of the design of the management system as well as the related processes and controls •Continue reading “Stage 1 Audit”

Cybersecurity Breaches: Recent High-Profile Cases in the month of February 2025

OpenAI Data Breach – Threat Actor Allegedly Claims 20 Million Logins for Sale Threat actors from dark web forums claim to have stolen and leaked 20 million OpenAI user login credentials, potentially making OpenAI the latest high-profile target of a significant data breach. This alleged breach has raised serious concerns among tech users and cybersecurityContinue reading “Cybersecurity Breaches: Recent High-Profile Cases in the month of February 2025”