Around 1.6 billion people around the world have iPhones, and while Apple is usually diligent regarding security, there are two major problems that have surfaced. These problems leave iPhone users completely vulnerable to cyber criminal attacks and if users don’t address, they can steal all of your personal data and even your financial information. The…
Category: cyber security
cyber security, Financial Crime, Global Security News, south africa
South Africa Facing Continued Financial Fraud Crime Wave
One only has to read the daily newsfeeds to see how drastic digital financial crime is around the world. South Africa is particularly vulnerable. It’s been reported that around 70% of South Africans have been victims of some form of cybercrime as compared to the global rate of 50%. South Africa has not only maintained…
cyber security, Global Security News
How NIST’s Cybersecurity Framework Protects the CIA Triad
What is the CIA triad? The CIA triad is a model that helps organisations implement information security programmes to protect their confidential and sensitive data. Typically, this is carried out through policies, processes and procedures. The CIA triad comprises: 1) Confidentiality: Access to information should be restricted to only those who need it. 2) Integrity: Information should…
cyber security, Global Security News
How Long Does It Take to Detect a Cyber Attack?
One of the biggest misconceptions in cyber security is the belief that ‘it won’t happen to us.’ Despite a growing awareness of cyber attacks and data breaches, organisations often mistakenly believe that they won’t become a target. ‘Why would they target us? We don’t hold anything of value.’ Cyber incidents are a matter of when, not if…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News, NIST RMF
An Introduction to the NIST Risk Management Framework
The NIST RMF (Risk Management Framework) is a set of information security policies and standards the federal government developed by NIST (the US National Institute of Standards and Technology). The RMF is explicitly covered in the following NIST publications: Special Publication 800-37, “Guide for Applying the Risk Management Framework to Federal Information Systems,” describes the formal RMF certification and…
cyber security, Global Security News
5 Top Cyber Security Frameworks
Many organisations must comply with a mixture of state-mandated, industry-specific and international cyber security regulations. This includes, but isn’t limited to: SOX (the Sarbanes–Oxley Act) The NYDFS Cybersecurity Regulation The SEC cyber security disclosure rules CMMC (Cybersecurity Maturity Model Certification) DORA (Digital Operational Resilience Act) in the EU These can be challenging to navigate, particularly if…
AWS, cyber security, Global Security News, penetration testing, security testing
What AWS and Cloudflare Outages Teach Us About Cloud Configuration Risks
On Tuesday, 18 November, a Cloudflare outage took a significant part of the Internet offline, including major sites, enterprise platforms and public-facing services. Ironically, even Downdetector – the platform that provides real-time information about service outages – apparently went down for a time. This wasn’t an isolated incident, either: an AWS (Amazon Web Services) outage…
cyber security, Global Security News, Training
CISM Exam Tips from a Consultant: Five Insider Insights to Help You Pass
The CISM (Certified Information Security Manager) exam is one of the toughest in the field – according to most providers, pass rates are around 60–65% (ISACA doesn’t publish official figures). Even experienced professionals find it demanding, something our consultants know first-hand. Soji Ogunjobi is a cyber security specialist and instructor, with nearly two decades of…
cyber security, Cybersecurity, Global Security News, malware, port 443
How to Open 443 Port and Check If It Is Enabled or Not
Cybersecurity extends beyond preventing malware and protecting your code. Learn how to open the 443 port to beef up your website and improve your organization’s overall security posture Port 443… The post How to Open 443 Port and Check If It Is Enabled or Not appeared first on InfoSec Insights.
cyber security, Global Security News, ISO 22301, NIS Regulations
AWS Outage: A Supply-Chain Security Lesson
It sometimes seems that each new supply-chain security breach we see in the news affects more organisations than the last one. This isn’t particularly surprising when the same few tech companies support almost everything else. So, when it comes to AWS (Amazon Web Services) – the world’s largest Cloud provider, which is relied on by…
cyber security, Global Security News, Information Security
4 reasons to get CISMP qualified
Awarded by BCS, The Chartered Institute for IT, the CISMP (Certificate in Information Security Management Principles) provides a practical grounding in how information security is managed across organisations. The certification provides a common entry point for professionals looking to transition into cyber security, risk management or compliance roles. It is also widely used by employers…
cyber security, Global Security News, Training
CISM vs CISSP: which certification is right for you in 2025
Choosing between CISM® (Certified Information Security Manager) and CISSP® (Certified Information Systems Security Professional) is a common dilemma for cyber security professionals looking to advance their careers. Both are globally recognised and respected, but they serve different career paths and skill sets. In this blog post, we break down CISM and CISSP, looking at who…
cyber security, Global Security News, Training
CISMP vs Security+: Which Certification Is Right for You in 2025?
If you’re starting to explore a career in cyber security, two names come up again and again: CISMP and Security+. Both are well-established entry points, but they serve quite different purposes – and choosing the right one can set the tone for the rest of your professional development. CISMP (the Certificate in Information Security Management…
cyber security, Global Security News
Who is Ultimately Responsible for Business Email Compromise?
Business email compromise, commonly known as “BEC” has become a major issue inthe corporate world. Globally, this condition has been a challenge for the legalauthorities as to exactly who is liable for the damages caused by BEC. South Africancompanies are suffering under the weight of BEC crimes as the courts grapple with themultitude of cases…
cyber security, Global Security News
Who is Ultimately Responsible for Business Email Compromise?
Business email compromise, commonly known as “BEC” has become a major issue inthe corporate world. Globally, this condition has been a challenge for the legalauthorities as to exactly who is liable for the damages caused by BEC. South Africancompanies are suffering under the weight of BEC crimes as the courts grapple with themultitude of cases…
cyber security, Global Security News, Training
Is CISM Worth It? Salary, Career Value & Employer Demand in 2025
The information security sector continues to evolve rapidly, with organisations and individuals forced to frequently re-evaluate their understanding of security threats and how to manage them. One trusted way to ensure professionals are equipped to manage these threats is to look for the CISM (Certified Information Security Manager) qualification. It’s one of the most widely…
cyber security, Global Security News, Training
Is CISM Worth It? Salary, Career Value & Employer Demand in 2025
The information security sector continues to evolve rapidly, with organisations and individuals forced to frequently re-evaluate their understanding of security threats and how to manage them. One trusted way to ensure professionals are equipped to manage these threats is to look for the CISM (Certified Information Security Manager) qualification. It’s one of the most widely…
cyber security, Global Security News, Training
Is CISM Worth It? Salary, Career Value & Employer Demand in 2025
The information security sector continues to evolve rapidly, with organisations and individuals forced to frequently re-evaluate their understanding of security threats and how to manage them. One trusted way to ensure professionals are equipped to manage these threats is to look for the CISM (Certified Information Security Manager) qualification. It’s one of the most widely…
cyber security, Global Security News, News
Our Experts’ Views on the Jaguar Land Rover Cyber Attack
JLR (Jaguar Land Rover) was forced to halt production across its three UK plants on 1 September 2025 following a major cyber attack that struck the night before. The disruption affected sites in Solihull, Wolverhampton and Halewood, stopping work for around 30,000 employees and leaving many of the 100,000 people in its supply chain without…
cyber security, Global Security News, News
Our Experts’ Views on the Jaguar Land Rover Cyber Attack
JLR (Jaguar Land Rover) was forced to halt production across its three UK plants on 1 September 2025 following a major cyber attack that struck the night before. The disruption affected sites in Solihull, Wolverhampton and Halewood, stopping work for around 30,000 employees and leaving many of the 100,000 people in its supply chain without…
cyber security, Global Security News, News
Our Experts’ Views on the Jaguar Land Rover Cyber Attack
JLR (Jaguar Land Rover) was forced to halt production across its three UK plants on 1 September 2025 following a major cyber attack that struck the night before. The disruption affected sites in Solihull, Wolverhampton and Halewood, stopping work for around 30,000 employees and leaving many of the 100,000 people in its supply chain without…
business, Cryptogtaphy, cyber attack, cyber security, Global Security News, Information
Movie Piracy: The Hidden Billion-Dollar Industry You Didn’t See Coming
Movie piracy has evolved from DVDs to digital leaks, costing Hollywood and Bollywood billions every year. Discover how piracy works today, its hidden cybersecurity risks, and why it’s one of the biggest threats facing the global film industry.
business, Cryptogtaphy, cyber attack, cyber security, Global Security News, Information
Movie Piracy: The Hidden Billion-Dollar Industry You Didn’t See Coming
Movie piracy has evolved from DVDs to digital leaks, costing Hollywood and Bollywood billions every year. Discover how piracy works today, its hidden cybersecurity risks, and why it’s one of the biggest threats facing the global film industry.
AI, cyber security, Cybersecurity, data breach, Data Breaches, Exploits, Global Security News, hacking, Risk Management, Salesforce
The Secret to Hacking SaaS? Forget Passwords — Go for Tokens
Google has warned that the recent Salesloft OAuth breach, attributed to threat group UNC6395, is not limited to Salesforce as initially reported. Instead, the attack affects all third-party SaaS integrations connected to Salesloft via OAuth, massively expanding the potential impact radius. Between August 8–18, 2025, attackers stole and abused OAuth tokens from Salesloft and Drift,…
cyber security, Global Security News
Southeast Asia’s Hidden Crisis
The UN Reveals Widespread Trafficking into Online Scam Operations Every day, thousands of lives are torn apart in the shadows of Southeast Asia. A harrowing UN Human Rights Office (OHCHR) report from 29 August 2023 reveals that hundreds of thousands of individuals have been trafficked and forced into online scam operations, often under brutal and…
AI, cyber security, Global Security News, Resources
The Intersection of AI and Privacy: Safeguarding Personal Information in the Age of Intelligent Systems
In today’s increasingly connected world, the rapid advancement of artificial intelligence (AI) is transforming the way we live and work. AI technologies such as generative AI and machine learning have the potential to revolutionize various industries and improve our daily lives. However, as AI becomes more prevalent, the need to safeguard personal information and protect…
AI, cyber security, Global Security News, Resources
The Intersection of AI and Privacy: Safeguarding Personal Information in the Age of Intelligent Systems
In today’s increasingly connected world, the rapid advancement of artificial intelligence (AI) is transforming the way we live and work. AI technologies such as generative AI and machine learning have the potential to revolutionize various industries and improve our daily lives. However, as AI becomes more prevalent, the need to safeguard personal information and protect…
AI, cyber security, Global Security News, Resources
The Intersection of AI and Privacy: Safeguarding Personal Information in the Age of Intelligent Systems
In today’s increasingly connected world, the rapid advancement of artificial intelligence (AI) is transforming the way we live and work. AI technologies such as generative AI and machine learning have the potential to revolutionize various industries and improve our daily lives. However, as AI becomes more prevalent, the need to safeguard personal information and protect…
cyber security, Exploits, Global Security News
Cyber Essentials: The 5 Cost-Effective Security Controls Everyone Needs
Cyber Essentials is a UK government scheme that outlines steps organisations can take to secure their systems. It contains five controls that cover the basics of effective information and cyber security. Anyone familiar with the scheme can implement the controls, regardless of their information security knowledge. And although the controls are only basic – not…
cyber security, Exploits, Global Security News
Cyber Essentials: The 5 Cost-Effective Security Controls Everyone Needs
Cyber Essentials is a UK government scheme that outlines steps organisations can take to secure their systems. It contains five controls that cover the basics of effective information and cyber security. Anyone familiar with the scheme can implement the controls, regardless of their information security knowledge. And although the controls are only basic – not…
cyber security, Exploits, Global Security News
Cyber Essentials: The 5 Cost-Effective Security Controls Everyone Needs
Cyber Essentials is a UK government scheme that outlines steps organisations can take to secure their systems. It contains five controls that cover the basics of effective information and cyber security. Anyone familiar with the scheme can implement the controls, regardless of their information security knowledge. And although the controls are only basic – not…
cyber security, Global Security News, SOC 2, Trust Services Criteria
Nine Steps to SOC 2 Compliance – Including a SOC 2 Readiness Checklist
SOC (System and Organization Controls) audits provide an independent assessment of the risks associated with using service organisations and other third parties. SOC 2 audits assess service organisations’ security, availability, processing integrity, confidentiality and privacy controls against the AICPA (American Institute of Certified Public Accountants) TSC (Trust Services Criteria). A SOC 2 report is generally aimed at…
cyber security, Global Security News, SOC 2, Trust Services Criteria
Nine Steps to SOC 2 Compliance – Including a SOC 2 Readiness Checklist
SOC (System and Organization Controls) audits provide an independent assessment of the risks associated with using service organisations and other third parties. SOC 2 audits assess service organisations’ security, availability, processing integrity, confidentiality and privacy controls against the AICPA (American Institute of Certified Public Accountants) TSC (Trust Services Criteria). A SOC 2 report is generally aimed at…
cyber security, Global Security News, SOC 2, Trust Services Criteria
Nine Steps to SOC 2 Compliance – Including a SOC 2 Readiness Checklist
SOC (System and Organization Controls) audits provide an independent assessment of the risks associated with using service organisations and other third parties. SOC 2 audits assess service organisations’ security, availability, processing integrity, confidentiality and privacy controls against the AICPA (American Institute of Certified Public Accountants) TSC (Trust Services Criteria). A SOC 2 report is generally aimed at…
AI, cyber security, Endpoint, Exploits, Global Security News, malware
How to Build a Homoglyph Phishing Link That Bypasses Human Detection — Even Booking.com Users
A newly discovered phishing campaign is leveraging a Unicode homoglyph trick to impersonate Booking.com and distribute malicious MSI installers capable of delivering infostealers or remote access trojans (RATs). This attack, spotted by security researcher JamesWT, exploits the Japanese hiragana character “ん” (U+3093), which can visually resemble a forward slash (“/”) or “/n” in certain fonts,…
Cryptogtaphy, cyber attack, cyber security, Data Privacy, Global Security News
IIT-Roorkee Data Breach: What Happened, What Was Leaked, and Why It Matters
The IIT-Roorkee data breach exposed sensitive student information, revealing critical cybersecurity gaps in academia and emphasizing the urgent need for stronger data protection measures.
Cryptogtaphy, cyber attack, cyber security, Data Privacy, Global Security News
IIT-Roorkee Data Breach: What Happened, What Was Leaked, and Why It Matters
The IIT-Roorkee data breach exposed sensitive student information, revealing critical cybersecurity gaps in academia and emphasizing the urgent need for stronger data protection measures.
Cryptogtaphy, cyber attack, cyber security, Data Privacy, Global Security News
IIT-Roorkee Data Breach: What Happened, What Was Leaked, and Why It Matters
The IIT-Roorkee data breach exposed sensitive student information, revealing critical cybersecurity gaps in academia and emphasizing the urgent need for stronger data protection measures.
Cryptogtaphy, cyber attack, cyber security, Data Privacy, Global Security News
IIT-Roorkee Data Breach: What Happened, What Was Leaked, and Why It Matters
The IIT-Roorkee data breach exposed sensitive student information, revealing critical cybersecurity gaps in academia and emphasizing the urgent need for stronger data protection measures.
Cryptogtaphy, cyber attack, cyber security, Data Privacy, Global Security News
IIT-Roorkee Data Breach: What Happened, What Was Leaked, and Why It Matters
The IIT-Roorkee data breach exposed sensitive student information, revealing critical cybersecurity gaps in academia and emphasizing the urgent need for stronger data protection measures.
cyber security, Expert insight, Exploits, Global Security News, penetration testing, security testing
What are the Different Types of Penetration Test?
And how do you choose the right one for your needs? Penetration testing (also known as ‘pen testing’ or ‘ethical hacking’) offers a vital tool for identifying gaps and opportunities to strengthen your security programme. We asked our head of security testing, James Pickard, to explain the different types of test. In this interview Is…
cyber security, Expert insight, Exploits, Global Security News, penetration testing, security testing
What are the Different Types of Penetration Test?
And how do you choose the right one for your needs? Penetration testing (also known as ‘pen testing’ or ‘ethical hacking’) offers a vital tool for identifying gaps and opportunities to strengthen your security programme. We asked our head of security testing, James Pickard, to explain the different types of test. In this interview Is…
cyber security, Expert insight, Exploits, Global Security News, penetration testing, security testing
What are the Different Types of Penetration Test?
And how do you choose the right one for your needs? Penetration testing (also known as ‘pen testing’ or ‘ethical hacking’) offers a vital tool for identifying gaps and opportunities to strengthen your security programme. We asked our head of security testing, James Pickard, to explain the different types of test. In this interview Is…
cyber security, Emerging Tech, Global Security News, ISACA, Training
The 4 CRISC Domains Explained
The CRISC® (Certified in Risk and Information Systems Control®) certification from ISACA® is a globally recognised credential for IT and business professionals. Launched in 2010, it has become the benchmark for validating expertise in enterprise risk governance and control management. CRISC is aimed at those operating in or aspiring to work in IT risk management…
Cloud Security, cyber security, Global Security News, ISO 27001, ISO 27017, supply chain security
What Are ISO 27017 and ISO 27018, and What Are Their Controls?
Extending your ISMS to address Cloud security risks ISO 27001 sets out the specification for an ISMS (information security management system). But did you know you can extend your ISO 27001 ISMS to cover specific aspects of Cloud security? Let’s take a closer look at both ISO 27017 and ISO 27018. Note: The current versions…
cyber security, Emerging Tech, Global Security News, Training
The 9 CISMP Domains Explained
The CISMP (Certificate in Information Security Management Principles) is one of the UK’s most widely recognised entry-level qualifications for information security professionals. Accredited by BCS, The Chartered Institute for IT, it provides a comprehensive foundation in cyber security and information security management. CISMP is designed for individuals working in, or aspiring to work in, security-related…
cryptography, Cryptogtaphy, cyber attack, cyber security, Cybersecurity, Global Security News
₹368 Crore Vanishes Overnight: What the CoinDCX Hack Means for India’s Crypto Security
CoinDCX suffered a major backend breach in July 2025, losing ₹368 crore. While no user funds were affected, the incident raises critical questions about exchange security.
cyber security, Global Security News, Training
The 4 CISM Domains Explained
The CISM® (Certified Information Security Manager®) qualification from ISACA® is one of the most widely respected credentials for information security professionals. It demonstrates not only technical expertise, but also the strategic insight required to build, manage and improve enterprise-level security programmes. Since its launch in 2002, CISM has become a globally recognised benchmark for senior…
cyber security, Global Security News, hacking, phishing, social media, south africa
What is up with so many trying to hack TikTok?
TikTok has become one of the most popular social media platforms on the net. As we have learned, the more the user base, the more that hackers will try to break in to steal sensitive information. While there might be many more mature users, the user base including younger people is increasing. These are generations…
Cryptogtaphy, cyber attack, cyber security, Global Security News, Web Security
India Detects Over 1,100 Phishing Domains: What It Means for Your Online Safety
India uncovered 1,172 phishing domains in just six months. This blog explains how these scams work, who they target, and how you can protect your data in today’s digital world.
cyber security, data protection, Global Security News, Information Security, ISMS, ISO 27001
Information Security vs Cyber Security: The Difference
You’ll often see the terms cyber security and information security used interchangeably. That’s because, in their most basic forms, they have the same aim: protecting the confidentiality, integrity and availability of information. This is also known as the ‘CIA triad’: Confidentiality: Protecting information from falling into the wrong hands. Integrity: Making sure the information is – and remains –…
CISA, cyber security, Global Security News, Training
The 5 CISA Domains Explained
The CISA® (Certified Information Systems Auditor®) credential, awarded by ISACA®, is the gold standard for IT audit, control and assurance professionals. Since its introduction in 1978, it has been one of the most sought-after qualifications for audit, risk and compliance leadership positions. CISA covers five domains, updated in August 2024 to reflect changes in technology,…
Cryptogtaphy, cyber attack, cyber security, Emerging Tech, Global Security News, Information
“Mom, It’s Me…”: How AI Voice Cloning Is Powering a New Era of Cybercrime in India
AI voice cloning scams are rising in India, using fake calls to trick families. Learn how they work—and how to stay protected from this emerging cyber threat.
cyber security, Emerging Tech, Global Security News, ISO 27001, risk assessment, Risk Management, vsrisk
7 Steps to a Successful ISO 27001 Risk Assessment – Updated for 2025
Risk assessments remain central to ISO 27001 compliance in 2025, ensuring your ISMS (information security management system) is robust and effective. ISO 27001:2022 and ISO 27002:2022 introduced several updates that organisations should incorporate into their risk assessment processes. Here are the seven essential steps for conducting a successful ISO 27001 risk assessment in line with…
cyber security, Global Security News, pentesting, Security Bloggers Network, VAPT
AI Is Enhancing The Traditional Pentesting Approach – A Detailed Analysis
For a long time now, traditional pentesting has served as the backbone of proactive cyberdefense strategies across all industries flourishing in the digital realm. Pacing with the time where technology is making history- speed, accuracy, and foresight are paramount when it comes to cybersecurity. With organizations scaling and cyber threats evolving in complexity and frequency,…
cyber security, Global Security News, Training
Building Your Cyber Security Career: The Credentials Needed for Management and Specialist Roles
In a recent webinar hosted by IT Governance, Andy Johnston (divisional director for training), Nikolai Nikolaev (information security specialist) and Soji Obunjobi (cyber security specialist) shared valuable insights into navigating a career in cyber security, with particular focus on the qualifications and experience needed for management and specialist roles. This blog summarises key takeaways from…
cyber security, Global Security News, Training
Building Your Cyber Security Career: The Credentials Needed for Management and Specialist Roles
In a recent webinar hosted by IT Governance, Andy Johnston (divisional director for training), Nikolai Nikolaev (information security specialist) and Soji Obunjobi (cyber security specialist) shared valuable insights into navigating a career in cyber security, with particular focus on the qualifications and experience needed for management and specialist roles. This blog summarises key takeaways from…
cyber security, Global Security News, Training
Building Your Cyber Security Career: The Credentials Needed for Management and Specialist Roles
In a recent webinar hosted by IT Governance, Andy Johnston (divisional director for training), Nikolai Nikolaev (information security specialist) and Soji Obunjobi (cyber security specialist) shared valuable insights into navigating a career in cyber security, with particular focus on the qualifications and experience needed for management and specialist roles. This blog summarises key takeaways from…
cyber security, Global Security News, Training
Building Your Cyber Security Career: The Credentials Needed for Management and Specialist Roles
In a recent webinar hosted by IT Governance, Andy Johnston (divisional director for training), Nikolai Nikolaev (information security specialist) and Soji Obunjobi (cyber security specialist) shared valuable insights into navigating a career in cyber security, with particular focus on the qualifications and experience needed for management and specialist roles. This blog summarises key takeaways from…
Cryptogtaphy, cyber attack, cyber security, dark web, Data Privacy, Global Security News
The Dark Web in 2025: What’s Being Sold and Who’s Buying?
From stolen Aadhaar cards to hacker-for-hire services, the dark web in 2025 is more active—and more dangerous—than ever. Discover what’s being sold, who’s buying, and why it matters more than you think.
AI, cyber security, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Information Security, Network Security
BreachForums Is DEAD — Cybercrime’s Biggest Empire Just Got Crushed!
A coordinated law enforcement operation in France has resulted in the arrest of key figures behind BreachForums, one of the most active and influential marketplaces for cybercriminals in recent years. The takedown marks a significant disruption in the cybercriminal economy, highlighting both the global reach of modern threat actors and the increasing sophistication of cross-border…
Cryptogtaphy, cyber attack, cyber security, dark web, Data Privacy, Global Security News
Alert: The Internet’s Biggest Leak Yet – 16 Billion Credentials Exposed in 2025
A record-breaking 16 billion credentials have just been leaked in what experts call the biggest data breach ever. From Google to Telegram, no one’s safe. Here’s what happened—and why it matters more than ever.
business, cyber security, Cybercrime, Cybersecurity, Global Security News, Ransomware
Cybersecurity Compliance in South Africa
A Continued Cycle South Africa has had a slow approach to compliance with the government regulations and laws set in place. This problem has been exposed at every turn as South Africa has continued to show its vulnerabilities, and cyber criminals see them and abuse them. The institution of much of the newer legislation has…
business, cyber security, Cybercrime, Cybersecurity, Global Security News, Ransomware
Cybersecurity Compliance in South Africa
A Continued Cycle South Africa has had a slow approach to compliance with the government regulations and laws set in place. This problem has been exposed at every turn as South Africa has continued to show its vulnerabilities, and cyber criminals see them and abuse them. The institution of much of the newer legislation has…
cyber security, Global Security News
Understanding the CIA Triad in 2025: A Cornerstone of Cyber Security
The CIA triad – confidentiality, integrity and availability – remains the foundational model for information security in 2025. It’s embedded into virtually every modern security framework, from ISO 27001 to the GDPR. Article 32 of the GDPR explicitly refers to these principles when defining the necessary security measures for protecting personal data. Understanding and applying…
cyber security, Global Security News
Understanding the CIA Triad in 2025: A Cornerstone of Cyber Security
The CIA triad – confidentiality, integrity and availability – remains the foundational model for information security in 2025. It’s embedded into virtually every modern security framework, from ISO 27001 to the GDPR. Article 32 of the GDPR explicitly refers to these principles when defining the necessary security measures for protecting personal data. Understanding and applying…
cyber security, Global Security News
Understanding the CIA Triad in 2025: A Cornerstone of Cyber Security
The CIA triad – confidentiality, integrity and availability – remains the foundational model for information security in 2025. It’s embedded into virtually every modern security framework, from ISO 27001 to the GDPR. Article 32 of the GDPR explicitly refers to these principles when defining the necessary security measures for protecting personal data. Understanding and applying…
cyber security, Global Security News
Understanding the CIA Triad in 2025: A Cornerstone of Cyber Security
The CIA triad – confidentiality, integrity and availability – remains the foundational model for information security in 2025. It’s embedded into virtually every modern security framework, from ISO 27001 to the GDPR. Article 32 of the GDPR explicitly refers to these principles when defining the necessary security measures for protecting personal data. Understanding and applying…
business, Cryptogtaphy, cyber attack, cyber security, Global Security News, Information
What is a Web Application Firewall (WAF) and Why Your Business Shouldn’t Ignore It
A WAF (Web Application Firewall) acts like a security shield for your website, blocking threats like SQL injections, XSS attacks, and bot traffic in real time.
cyber security, Exploits, Global Security News, penetration testing
Penetration Testing for SaaS Providers: Building Trust and Security
In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…
cyber security, Exploits, Global Security News, penetration testing
Penetration Testing for SaaS Providers: Building Trust and Security
In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…
cyber security, Exploits, Global Security News, penetration testing
Penetration Testing for SaaS Providers: Building Trust and Security
In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…
cyber security, Exploits, Global Security News, penetration testing
Penetration Testing for SaaS Providers: Building Trust and Security
In today’s rapidly evolving digital landscape, SaaS (software as a service) providers face increasing scrutiny regarding the security of their platforms. And with increasing numbers of customers entrusting sensitive data to Cloud-based solutions, penetration testing has become an essential component of a comprehensive security strategy. In a recent webinar, Penetration Testing for SaaS Providers, our…
cyber security, Data Security, encryption, Global Security News, how does pki work, pki it security, pki technology
How Does PKI Work? A Look at the Inner Workings of Public Key Infrastructure
You enjoy the benefits of PKI every day, but have you ever wondered what goes on behind the scenes? Learn how public key infrastructure works to ensure data security and… The post How Does PKI Work? A Look at the Inner Workings of Public Key Infrastructure appeared first on InfoSec Insights.
cyber security, Global Security News, Security Bloggers Network, VAPT
Top AI-Driven Pentest Tools 2025
Artificial Intelligence, known to simplify complexities, is trending among organizations. Hence, AI being a buzzword is no more relevant in the context when looking at the near and far future of cybersecurity. The intricacy of cyber threats across industries increased the demand for AI-driven pentest tools in 2025. These smartest tools don’t just scan and…
Application Security, Cloud Security, cyber security, Global Security News, Security Bloggers Network
Web Application Firewall (WAF) Best Practices For Optimal Security
Web and mobile application code protection is a must-have security control. Modern solutions such as application layer firewall help your organisation to keep those assets protected from threats like SQL injection, cross-site scripting and bot-driven attacks. This is where a Web Application Firewall (WAF) comes into the picture. A WAF has the capability of filtering,…
Application Security, Cloud Security, cyber security, Global Security News, Security Bloggers Network
Web Application Firewall (WAF) Best Practices For Optimal Security
Web and mobile application code protection is a must-have security control. Modern solutions such as application layer firewall help your organisation to keep those assets protected from threats like SQL injection, cross-site scripting and bot-driven attacks. This is where a Web Application Firewall (WAF) comes into the picture. A WAF has the capability of filtering,…
Application Security, Cloud Security, cyber security, Global Security News, Security Bloggers Network
Web Application Firewall (WAF) Best Practices For Optimal Security
Web and mobile application code protection is a must-have security control. Modern solutions such as application layer firewall help your organisation to keep those assets protected from threats like SQL injection, cross-site scripting and bot-driven attacks. This is where a Web Application Firewall (WAF) comes into the picture. A WAF has the capability of filtering,…
Author of the month, cyber security, Global Security News, ISO 27001, Staff Awareness
Author of the Month: Bridget Kenyon
ISO 27001 Controls – A guide to implementing and auditing Bridget Kenyon is the CISO (chief information security officer) for SSCL. She’s also been on the ISO editing team for ISMS (information security management system) standards since 2006, and has served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020. Bridget is also a member of the…
Author of the month, cyber security, Global Security News, ISO 27001, Staff Awareness
Author of the Month: Bridget Kenyon
ISO 27001 Controls – A guide to implementing and auditing Bridget Kenyon is the CISO (chief information security officer) for SSCL. She’s also been on the ISO editing team for ISMS (information security management system) standards since 2006, and has served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020. Bridget is also a member of the…
Author of the month, cyber security, Global Security News, ISO 27001, Staff Awareness
Author of the Month: Bridget Kenyon
ISO 27001 Controls – A guide to implementing and auditing Bridget Kenyon is the CISO (chief information security officer) for SSCL. She’s also been on the ISO editing team for ISMS (information security management system) standards since 2006, and has served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020. Bridget is also a member of the…
Author of the month, cyber security, Global Security News, ISO 27001, Staff Awareness
Author of the Month: Bridget Kenyon
ISO 27001 Controls – A guide to implementing and auditing Bridget Kenyon is the CISO (chief information security officer) for SSCL. She’s also been on the ISO editing team for ISMS (information security management system) standards since 2006, and has served as lead editor for ISO/IEC 27001:2022 and ISO/IEC 27014:2020. Bridget is also a member of the…
Asia Pacific, Cryptogtaphy, cyber security, Cybersecurity, Global Security News
UK Expands Cyber Offensive Against Russia and China: A New Era of Cyber Warfare
The UK is ramping up its cyber offensive to tackle growing threats from Russia and China, integrating advanced technology and unified command for stronger defense.
business, Cryptogtaphy, cyber attack, cyber security, Global Security News
184 Million Passwords Leaked Online: Why This Should Scare You More Than Usual
A staggering 184 million passwords were leaked in a 47GB breach impacting Google, Apple, and more. Learn how it happened — and how to secure your digital life.
business, Cryptogtaphy, cyber attack, cyber security, Global Security News
Only 7% of Indian Firms Are Cyber Ready in 2025: What the Cisco Report Means for You
India’s cybersecurity readiness is alarmingly low, with only 7% of organizations prepared for modern threats. This blog dives into Cisco’s 2025 report, revealing why urgent action is needed and what steps businesses can take to protect their digital future.
Apps, cyber security, Data Breaches, Global Security News, pki it security, SMB
8 Practical PKI Uses & Applications That Drive SMB Security
More than half of the breaches investigated by Verizon in its 2025 DBIR report stemmed from system intrusions. Discover which PKI use cases every small and mid-size business can implement… The post 8 Practical PKI Uses & Applications That Drive SMB Security appeared first on InfoSec Insights.
cyber security, Global Security News, Security Bloggers Network, VAPT
Detect Vulnerabilities Faster With Website Scanner
As digital transformation becomes a strategic imperative, development teams have emerged as a pillar of organizations. Agile and DevOps practices have revolutionized the pace of innovation, enabling businesses to respond rapidly to evolving market demands. However, this accelerated development comes with a cost—the expansion of the application attack surface. Every new feature or update introduces…
cyber security, Exploits, GDPR, Global Security News, penetration testing, security testing
Lessons Learned from the Legal Aid Agency Data Breach
The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history,…
cyber security, Exploits, GDPR, Global Security News, penetration testing, security testing
Lessons Learned from the Legal Aid Agency Data Breach
The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history,…
cyber security, Exploits, GDPR, Global Security News, penetration testing, security testing
Lessons Learned from the Legal Aid Agency Data Breach
The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history,…
cyber security, Exploits, GDPR, Global Security News, penetration testing, security testing
Lessons Learned from the Legal Aid Agency Data Breach
The MoJ (Ministry of Justice) has disclosed that the LAA (Legal Aid Agency) suffered a data breach last month, in which criminals accessed data relating to hundreds of thousands of people, dating back to 2010. Exfiltrated data may have included “contact details and addresses of applicants, their dates of birth, national ID numbers, criminal history,…
cyber security, Cybersecurity, Global Security News, hacking, man in the middle
Man-in-the-Middle Cyber Attacks
MITM (man-in-the-middle) cyber attacks is a generic term for a cyber threat involving a criminal that positions themselves in the conversation between an application and a user. The goal is to either imitate one of the participating parties or simply to eavesdrop to get information. MITM thieves can then access such pertinent information as credit…
cyber security, Cybersecurity, Global Security News, hacking, man in the middle
Man-in-the-Middle Cyber Attacks
MITM (man-in-the-middle) cyber attacks is a generic term for a cyber threat involving a criminal that positions themselves in the conversation between an application and a user. The goal is to either imitate one of the participating parties or simply to eavesdrop to get information. MITM thieves can then access such pertinent information as credit…
Cryptogtaphy, cyber attack, cyber security, Global Security News
Operation Sindoor: Cyberterrorism and National Security in India
This blog discusses the increasing cyberterrorism threats facing India and the government’s efforts like Operation Sindoor to combat them. It highlights why stronger cybersecurity is vital to protect the country’s digital infrastructure.
cyber security, Exploits, Global Security News, phishing, phishing attack, phishing awareness
How to Spot a Phishing Email in 2025 –with Real Examples and Red Flags
Despite growing awareness and increasingly sophisticated security tools, phishing is still one of the most persistent and pernicious threats of the modern age: according to Proofpoint’s 2024 State of the Phish report, 86% of organisations experienced a phishing attempt last year and over 70% suffered a successful compromise due to human error. Phishing is also…