SysYork_Blogs
PCI-DSS
Cybersecurity

What is PCI-DSS Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a data security standard for businesses that deal with major credit card systems’ branded cards.

SOX Compliance
Cybersecurity

Fundamentals of SOX Compliance

SOX (the Sarbanes-Oxley Act) is a federal law introduced in the United States in 2002 that established new corporate accountability rules to guard against financial scandals like the Enron Corporation’s.


Aquil Ahmad

SysYork Technologies

Dynamic and detail-oriented, with over 17 years of experience ranging from IT Security, IT Service Operations, End User Services, Remote Infrastructure Management, Data Center Operations, Customer Relationship Management, Service Desk Operations, and Cyber Risk and Compliance Management to Third Party Vendor Management.

  • CrowdStrike Phishing Attacks Appear in Record Time

    I have been the CEO of an anti-virus software developer. We had a special acronym for catastrophic events like this, a so-called "CEE". As in Company Extinction Event.

    Within hours of mass IT outages on Friday, a surge of new domains began appearing online, all sharing one common factor: the name CrowdStrike. As the company grapples with a global tech outage that has delayed flights and disrupted emergency services, opportunistic cybercriminals are quick to exploit the chaos.

    Numerous websites have surfaced, promising help to those affected by the outage. Names like crowdstriketoken[.]com, crowdstrikedown[.]site and crowdstrikefix[.]com were identified by a UK-based cybersecurity researcher specializing in credential phishing. These new domains were registered and designed in record time to lure in people desperate to restore their systems.

    While phishing sites commonly emerge following major events, the scale of Friday’s outages presents a vast field of potential victims. According to the researcher, several sites were still under construction, including crowdstrike-helpdesk[.]com and crowdstrikeclaim[.]com. Bloomberg reported that he began monitoring the situation around midday in the UK and discovered new domains registered as early as 4:12 a.m. EDT, totaling 28 sites so far.

    The US Cybersecurity and Infrastructure Security Agency (CISA) has already observed threat actors exploiting this incident for phishing and other malicious activities. They urge people to avoid clicking on suspicious links.

    George Kurtz, CEO of CrowdStrike, said: "Nothing is more important to me than the trust and confidence that our customers and partners have put into CrowdStrike. As we resolve this incident, you have my commitment to provide full transparency on how this occurred and steps we’re taking to prevent anything like this from happening again."

    I know George and I'm sure that CrowdStrike will survive this. But it sure is a massive headache for customers.

    He said: "We know that adversaries and bad actors will try to exploit events like this. I encourage everyone to remain vigilant and ensure that you’re engaging with official CrowdStrike representatives. Our blog and technical support will continue to be the official channels for the latest updates."

    Exactly. Warn your users to not get lured onto a scam site and download a fake update.

  • 78% of Organizations Are Targets of Ransomware Attacks Two or More Times in Twelve Months

    New data puts the spotlight on the frequency and impact of modern ransomware attacks, highlighting the overconfidence organizations are showing in their ability to defend and respond to attacks.

  • CISA’s Red Team Exercise Shows Value of Phishing, but Misses the Best Recommendation

    Phishing is used to completely compromise the victim’s environment after other repeated methods failed.

  • Cyber Threats Targeting the 2024 Paris Olympics

    Our friends at the CyberWire reported: "ZeroFox and Fortinet have both published reports on threats facing the 2024 Olympics in Paris. ZeroFox says the primary cybersecurity threat will be cyberattacks from Russia, which are 'likely to take the form of DDoS attacks, data compromises, and scams carried out by Russian threat actor groups.'"

  • Change Healthcare Ransomware Attack May Cost Nearly $2.5 Billion

    The ransomware attack against UnitedHealth Group’s Change Healthcare platform is expected to cost the company up to $2.45 billion, more than a billion dollars more than was previously estimated, Cybersecurity Dive reports. The incident has already cost the firm nearly $2 billion.