New eBook: Navigating The Digital Personal Data Protection Bill of India – 2023

📚 Exciting News! Introducing our new eBook: "Navigating The Digital Personal Data Protection Bill of India - 2023"
🔒 Are you ready to tackle the complexities of the bill? Here's a guide breaking down the key aspects in a clear and understandable way from a technical implementation point of view.
🔑 What's Inside:
- Demystifying the Bill's provisions and implications
- Understanding exemptions and obligations
- Actionable steps to ensure compliance

CERT-In: Guidelines on Information Security Practices for Government Entities.

A quick appreciation note to CERT-In for the commendable work done regarding the "Guidelines on Information Security Practices for Government Entities." The comprehensive guidelines deserve recognition as they showcase a meticulous approach towards:
- Securing sensitive information within government entities.
- Fostering a culture of cybersecurity within government organizations.
- Commitment to strong leadership through a CISO and governance v...

Introducing our latest free e-book: "Cybersecurity for Startups".

As an entrepreneur, you are aware that information security is a challenge arising from building and growing a new business. Unfortunately, information security is often deprioritized over, say, product development or marketing. A single data breach can be disastrous for your company's reputation and finances. Together with Aalok Karnik, I've authored this e-book designed to help startups prioritize cybersecurity and develop a comprehensive security progr

Demystifying CERT-In directives (dated 28th April 2022)

Introduction: Cyber security has always been a hot topic area and it's gaining momentum by leaps and bounds these days (which is great for information security professionals like us :D ). In all seriousness, "Data is the new Oil" and there are criminal agencies operating worldwide with impunity that harvest user data and sell it or use it for malicious/financial gain. CERT-In (under MeitY, Govt of India) has recently issued a much need

Microsoft Most Valuable Professional – MVP (again)

Super excited to be awarded by Microsoft for the 10th time in a row as Most Valuable Professional in the domain of "Enterprise Security" under the named award category of "Cloud and Datacenter Management". A decade is a good thing, right :)
For the sake of clarity:
- It's awarded for non-commercial community contributions; commercially benefiting contributions are not counted
- It doesn't have to be saying good about Microsoft only, they are pre

Mont Blanc India – An interesting fraud or a real bad way of handling operations

UPDATE: Looking at the comments on this blog so far, it's definitely a scam, not a bad way of handling operations.
On the 9th December 2019, I received an SMS that genuinely piqued my interest. Ordinarily, I wouldn't entertain any unsolicited offers but I am a luxury fountain pen fanboy, and Mont Blanc is a highly coveted name. Add to that, the SMS sender had a Sender-ID (i.e. QP-MONTDE, QP-MONTBI etc.) which (I believe) is not very easy to...

Another Entrepreneurial Milestone

I am delighted to announce that my company "Junco Technologies" has been acquired by Quick Heal Technologies Ltd in an all stock deal. As you may be aware, Quick Heal is one of the leading IT security solutions companies listed with the Bombay Stock Exchange and National Stock Exchange. However, I will continue to be the proud owner of ClubHack, as it will remain as a community driven initiative to bring security awareness in common people who use com

Misty Rhythms – What a music band

I remember in the good old days when I was in school & I heard this music band called "Misty Rhythms". The album was called "Aye Laila" & had one song with a music video which got somewhat popular due to fresh born MTV in India those days. (Can anyone point me to the actual music video of that song?) I had the "cassette" of this album but slowly with the death of tapes, I lost this album. I searched online many times to buy a CD/DVD version but never got

Free WebApp Security Testing Tools

A lot of tweets today informed me about the launch of Damn Vulnerable Web App (DVWA), which is basically an aid for security professionals to test their skills and tools and help web developers better understand the processes of securing web applications. I had an old list of tools/plug-ins/utilities etc. which can be helpful while playing with DVWA and I'd like to share the same for you to learn WebApp Security better.
Proxy Servers:
WebScarab: http://www.owasp.o

Password analysis from 10,000 leaked Hotmail passwords

On 5th October The Register reported more than 10,000 passwords were leaked mysteriously on pastebin.com. See this tweet. As a followup study "Acunetix Web Application Security Blog" did an analysis on the kind of passwords people use. Some interesting findings are as follows.
Statistics: The list initially contained 10,028 entries. There are 8931 (90%) unique passwords in the list. The longest password was 30 chars long: lafaroleratropezoooooooooooooo. The shortes