Simuna Infosec Private Limited

09/04/2023

24/03/2023

Ferrari Published "Ferrari N.V. (NYSE/EXM: RACE) (“Ferrari”) announces that Ferrari S.p.A., its wholly-owned Italian subsidiary, was recently contacted by a threat actor with a ransom demand related to certain client contact details. Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm. In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.

As a policy, Ferrari will not be held to ransom as paying such demands funds criminal activity and enables threat actors to perpetuate their attacks.

Instead, we believed the best course of action was to inform our clients and thus we have notified our customers of the potential data exposure and the nature of the incident.

Ferrari takes the confidentiality of our clients very seriously and understands the significance of this incident. We have worked with third party experts to further reinforce our systems and are confident in their resilience. We can also confirm the breach has had no impact on the operational functions of our company."

10/03/2023

Department for Promotion of Industry and Internal Trade certified Simuna Infosec Pvt. Ltd. as an Eligible Business Entity for income tax exemption under section 80-IAC of the Income Tax Act, 1961. Thanks to PMO India Startupindia Income Tax India Department for Promotion of Industry and Internal Trade for the initiative.

12/04/2020

Wishing you and family, a happy Easter.

31/03/2020

Policy:
Review your current information security and other similar policies to determine if there are any established security guidelines for remote work and remote access to company information systems. Some organizations may have policies specifically geared for remote work, while others may provide for contingencies in disaster recovery plans, BYOD (bring your own device) polices, and other similar plans and policies. If no relevant plans or policies are in place, this is a good time to establish at least some basic guidelines to address remote access to company information systems and use by employees of personal devices for company business.

Communication:
Managers should be familiar with applicable security guidelines, plans, and policies, and ensure that pertinent information is flowed-down to their teams and throughout the organization. It is essential that the organization is aligned from top to bottom. Remember, many employees do not work in security day-to-day, and some may have never worked remotely before. Providing guidance to all employees is critical.

Preparation:
Companies should review data breach and incident response plans to ensure that organizations are prepared for responding to a data breach or security incident. Update the plans if necessary for contact information for the (now) remote incident response team and outside advisors. The increased security risk of remote work reinforces the need to have a plan in place if something goes wrong.

Remote Work Cyber Security Tips from Simuna:
Remind employees the types of information that they need to safeguard. This often includes information such as confidential business information, trade secrets, protected intellectual property, work product, customer information, employee information, and other personal information (information that identifies a person of household).
Sensitive information, such as certain types of personal information (e.g., personnel records, medical records, financial records), that is stored on or sent to or from remote devices should be encrypted in transit and at rest on the device and on removable media used by the device.
Train employees on how to detect and handle phishing attacks and other forms of social engineering involving remote devices and remote access to company information systems. There are an increasing number of Coronavirus-based phishing emails going around, preying on the health concerns of the public.
Do not allow sharing of work computers and other devices. When employees bring work devices home, those devices should not be shared with or used by anyone else in the home. This reduces the risk of unauthorized or inadvertent access to protected company information.
Virtual Private Networks (VPNs) ensure that internet traffic is encrypted, especially if connected to a public Wi-Fi network. If your company has one in place, make sure employees exclusively use the VPN when working and when accessing company information systems remotely.
Company information should never be downloaded or saved to employees’ personal devices or cloud services, including employee computers, thumb drives, or cloud services such as their personal Google Drive or Dropbox accounts.
Require security software on employee devices and ensure that all versions are up to date with all necessary patches.
Consider prohibiting access to company information systems while on public Wi-Fi. With offices closed, employees may be tempted to work from their local cafes and coffee shops. Without a company VPN, this can lead to significant security risks.
“Remember password” functions should always be turned off when employees are logging into company information systems and applications from their personal devices.
Implement and enforce two-factor or multi-factor authentication (MFA). If you haven’t turned on MFA yet, now is the time to do it.
Limit employee access to protected information to the minimum scope and duration needed to perform their duties.
Consider Mobile Device Management (MDM) and Mobile Application Management (MAM). These solutions can help manage and secure mobile devices and applications. These tools can also allow organizations to remotely implement a number of security measures, including data encryption, malware scans, and wiping data on stolen devices.
Keep IT resources healthy and well-staffed. When more employees than normal are working remotely, or remote work is new to an organization, IT resources may be strained and required IT assistance may increase.
Remember, GDPR, IT ACT’s, ISO27001, PCIDSS and other similar standards still apply during coronavirus.
Stay vigilant – cyber security is not immune to COVID-19.

27/03/2020

Cybersecurity for Individuals:

Simuna advises individuals to remain vigilant and take the following precautions.

 Avoid clicking on links in unsolicited emails and be wary of email attachments. Use Caution
with Email Attachments, Avoiding Social Engineering and Phishing Scams.
 Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based
information about COVID-19.
 Do not reveal personal or financial information in email, and do not respond to email
solicitations for this information.
 Verify a charity’s authenticity before making donations.

We will be giving additional tips on how to combat against cyber criminals, over the coming days we will publish a few ideas from our side;

Follow our website, pages on LinkedIn & Facebook

Contact us for a free assessment on your IT infrastructure

Visit us : https://lnkd.in/fv6ag2G
write to us : [email protected]
call us : +91 7356480220

Join us and stay safe and ‘cyber healthy’.

25/03/2020

Cybersecurity advices for Organizations:

While remote working arrangements may be effective to slow the community spread of COVID-19 from person to person, they present cybersecurity challenges that can be different than on-premise work. At Simuna we recommend examining the security of information technology systems by taking the following steps to help keep you systems secure:

• Secure systems that enable remote access.

o Ensure Virtual Private Network and other remote access systems are fully tested on VAPT & patched.

o Enhance system monitoring to receive early detection and alerts on abnormal activity.

o Implement multi-factor authentication.

o Ensure all machines have properly configured firewalls, as well as anti-malware and intrusion prevention software installed.

• Execute Security Testing on remote access solutions capacity or increase capacity.

• Ensure continuity of operations plans or business continuity plans are up to date.

• Increase awareness of information technology support mechanisms for employees who work remotely.

• Ensure awareness of cyber security policies and best cyber security practices for all your employees.

• Update incident response plans to consider workforce changes in a distributed environment.

Join us and stay safe and ‘cyber healthy’.

24/03/2020

Cyber Security & COVID-19:

We are in chaos and a lockdown; more people than ever are working from home. Organisations are forced to expose their internal applications, code, untested applications and internal network to internet for the daily activities.

Cyber Criminals are using this as an opportunity to gain access and loot your money & sensitive data. We advise all the organisations to take necessary steps to protect technological assets.

Simuna’s latest analysis shows that the frequency of cyber incidents had increased from 10 attempts per second to 10 attempts per microsecond.

Our findings shows that DOS(Denial of Service) attacks is the most seen, followed by Remote user Credential Theft, Identity Theft, Phishing, Malware Attacks, Data Theft, Ransomware attacks, even like simple phone calls as they know you are operating on a limited capacity.

We have decided to give tips on how to combat this- so over the coming days we will publish a few ideas from our side;
Join us and stay safe and ‘cyber healthy’.