TryHackMe’s DevSecOps Learning Path focuses on securing pipelines and introducing Infrastructure as Code (IaC) and Containerisation security techniques. You’ll learn the tools and practices to ensure robust development processes and secure software deployment workflows. From fortifying pipelines to automating infrastructure management, you will gain practical insights into modern DevSecOps methodologies. Secure Software Development Lab: IntroductionContinue reading “DevSecOps – Secure Software Development”
Tag Archives: security
Phase 1 – Initiating the audit
Appointing the Audit Team Leader Validation of the Audit Objectives In an ISO 27001 certification audit, the main audit objectives are to confirm that: Validation of the Audit scope The audit scope describes the range and limits of he audit; for example, the locations, the organizational units, the activities and the process to be auditedContinue reading “Phase 1 – Initiating the audit”
Cybersecurity Breaches: Recent High-Profile Cases in the month of January 2025
Ransomware attack on New York Blood Center forces workarounds, drive cancellations One of the largest independent blood centers serving over 75 million people across the U.S. has been hit by a ransomware attack, forcing officials to reschedule blood drives and implement workarounds. New York Blood Center Enterprises said its team discovered suspicious activity affecting theContinue reading “Cybersecurity Breaches: Recent High-Profile Cases in the month of January 2025”
Monthly Round Up for the month of December 2024
Deloitte UK Reportedly Cyberattacked for 1 TB of Sensitive Data by Ransomware Group The Brain Cipher Ransomware group has reportedly claimed responsibility for a cyberattack on Deloitte UK. They allege that they have exfiltrated over 1 terabyte of data. This breach, if confirmed, could have serious implications for Deloitte’s clients and its professional reputation. However,Continue reading “Monthly Round Up for the month of December 2024”
Types of Information
Based on Sensitivity Based on Regulatory Requirements
Monthly Round Up for the month of November 2024
Insurance Administrator Landmark Admin Ransomware Data Breach Impacted Over 800,000 People Landmark Admin, a third-party insurance administrator, has confirmed a data breach. The May 2024 ransomware attack affected nearly one million customers. “The forensic investigation determined that data was encrypted and infiltrated from Landmark’s system,” the company said. Canada faces a cybersecurity crisis with criticalContinue reading “Monthly Round Up for the month of November 2024”
Vulnerability Management
It is not a scan or a one-time project. Vulnerability Management is a “program” which organizations might use. The goal is to continuously identify vulnerabilities. Then, they must address these vulnerabilities in appropriate ways. It can contain many different projects like: What, Why and How? It is the process of identifying, analyzing and ranking vulnerabilities.Continue reading “Vulnerability Management”
Monthly Round Up for the month of September 2024
Ransomware attack forces high school in London to close and send students home A high school in south London has announced it will be closed for the first half of this week due to a ransomware attack, leaving approximately 1,300 students in the lurch. Students were sent home from the Charles Darwin School on Thursday,Continue reading “Monthly Round Up for the month of September 2024”
Monthly Round Up for the month of August 2024
ADT confirms data breach after customer info leaked on hacking forum ADT, a leading American company in building security, has confirmed a data breach incident. The breach involved threat actors who allegedly leaked customer information on a well-known hacking forum. ADT, a publicly traded company, focuses on providing security and smart home solutions to bothContinue reading “Monthly Round Up for the month of August 2024”
Monthly Round Up for the month of July 2024
AT & T cyber attack A massive AT&T Cyberattack caused Hackers to Steal Millions of Customer Records. Consequently, AT&T revealed that nearly all of its wireless customers’ call and text records were exposed. Furthermore, the hackers accessed customer data stored on a third-party cloud platform. Patient reports used as paper plates at Mumbai hospital A videoContinue reading “Monthly Round Up for the month of July 2024”
