A phishing attack is a social engineering method where an attacker sends a fraudulent email or message designed to trick a person into revealing private or personal information. Another method could see a hacker deploy malicious software onto a victim’s infrastructure, such as ransomware. But the burning question you might ask is, what is a common indicator of a phishing attempt? … Read More
Ransomware prevention: Top Security Tips
Why ransomware prevention is so important
Ransomware attacks are now commonplace. They’re evident in almost every industry and in every country around the world. Paying a ransom might seem like the only option for recovering locked or stolen data, but experience has shown that cybergangs don’t always follow through once they’ve been paid. Hackers manage to keep pace with cybersecurity updates … Read More
Importance of continuous control monitoring (CCM)
What is continuous control monitoring? Continuous control monitoring (CCM) is defined as using a set of technologies to reduce company losses through continuous monitoring. It also reduces the cost of audits via the continuous auditing of controls in financial applications and other types of applications. In the overall business ecosystem, CCM sits above your existing security tooling, ensuring that all assets … Read More
Phishing emails & ways to prevent spear phishing
What is spear phishing? Spear phishing is defined as the fraudulent practice of sending emails ostensibly from a known or trusted sender to induce targeted individuals to reveal confidential information. As the name would suggest, spear phishing is a type of phishing attack targeted at a small group or individual. Whereas phishing attacks are broad and apply to many people, … Read More
Understanding the cyber risks of the LDAP protocol
The Lightweight Directory Access Protocol (LDAP protocol) is an open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network. LDAP is a client-based lightweight version of Directory Access Protocol (DAP). It operates on both private intranets and public networks, and across multiple directory services which makes it the most convenient for authenticating, … Read More
How a cyber ecosystem works – your protection against a supply chain attack
A cyber ecosystem is very much like a physical ecosystem. Within a cyber ecosystem, individuals, organisations, and external parties interact with one another to form one digital functioning unit. Your organisation remains at the heart of this ecosystem and will be joined by other entities surrounding it, such as suppliers, vendors, and third or fourth parties. But in case of a supply chain … Read More
What is a zero trust security model?
RiskXchange comes up with innovative solutions to everyday problems experienced at the hands of hackers. Principal Analyst of Forrester Research, John Kindervag, founded the zero trust security model in 2010. The model, also known as perimeterless security, describes an approach to the design and implementation of IT systems. The zero trust concept is based around “never trust, always verify,” which means devices should … Read More
Domain-name typosquatting attacks are increasing: Here’s how to secure your networks
When BlueCat combed through a sample of seven billion DNS queries, they discovered that some of the most queried top-level domains were misspelt variations of “.com”. This trend reveals that typosquatting attacks, also known as URL hijacking, are a growing phenomenon. Domain spoofing is not a new trend, although it has been growing considerably in the past year due in … Read More