Malware analysis is the process of understanding the purpose and behaviour of a suspicious file, website, server, or application. The analysis output helps with the detection, reduction and/or mitigation of potential threats. Malware analysis is a key process that ensures overall computer and cyber security as well as the security and safety of an organisation’s digital assets. Malware analysis not only … Read More
Why is cyber security for financial services so important?
With the vast amounts of money and sensitive data they possess, financial services companies are one of the most common targets for cybercriminals. Worse, because of the highly lucrative opportunities for theft, fraud, and extortion, financial institutions attract the most competent, experienced, and motivated cybercriminals, including organised cybercriminal syndicates that employ the most sophisticated and diverse tools and techniques, making … Read More
What is cyber risk modeling
As malicious actors continue refining their attack methods, the average cost of a data breach is rising. Consequently, companies must devise cyber risk mitigation strategies and implement the required security controls to better protect their networks and infrastructure with an appropriate sense of urgency. Unfortunately, the technical nature of cyber security means that IT personnel often have difficulty accurately conveying … Read More
What is technology risk management?
Technology risk management demands careful attention and a comprehensive plan. RiskXchange can deliver both. Almost every business today relies upon technology to function. The use of computers, laptops, smart phones, tablets, and the internet, have created a technological foundation upon which businesses are built. This, however, opens up some major technological risks and where technology risk management comes in handy. … Read More
What is Data Exfiltration?
Data exfiltration is a type of security breach that occurs when a company or individual’s data is retrieved, transferred, or copied from a server or computer without authorisation. Cybercriminals are usually responsible for data exfiltration by stealing data from corporate or personal devices, such as mobile phones or computers, using various data exfiltration attack methods. Another definition of data exfiltration … Read More
What are botnets?
Continuous monitoring by cybersecurity firms like RiskXchange highlights vulnerabilities that hackers could exploit to prevent a botnet attack. What are botnets? In short, a botnet is a group of internet-connected devices (IoT) that are infected by malware and used for cyberattacks by cybercriminals. They tend to be under the control of one attacking party, the “bot-herder.” Each machine under the … Read More
How malware has evolved over time
One of the key reasons that organisations of all sizes can’t take their cybersecurity for granted is that nothing stays still for long. The methods that cybercriminals use to breach organisations’ defences and steal or compromise their sensitive data constantly evolve and grow increasingly sophisticated – and this is especially true of malware. To understand how to protect yourself from cyber … Read More
How to avoid a baiting attack
Social engineering attacks are one of the most significant threats to an organisation’s information security. So much so that a staggering 98% of cyberattacks involve some social engineering component. One of the social attacks favoured by cybercriminals is known as baiting. In this article, we look at baiting attacks and how to avoid them. What is a Baiting Attack? Baiting … Read More
How to prevent a pharming attack & what it involves
A recent study has revealed that 88% of organisations worldwide have suffered a DNS attack in the past year. More alarmingly, each organisation experienced seven attacks on average – at $942,000 (£836,000) per attack. One of the most common forms of attack on DNS servers is known as pharming. Let’s explore what a pharming attack is, how they occur, … Read More