What are vulnerability management tools for? 

What are vulnerability management tools for

Vulnerability management tools are security applications that scan networks and software to identify weaknesses that malicious actors can exploit. Once a scan pinpoints a weakness, the vulnerability software initiates or recommends remediation action, which reduces the risk of attack.  Vulnerability management tools incorporated alongside other security measures are key for businesses to not only prioritise possible threats but to minimise attack surfaces … Read More

Log4j zero day vulnerability: How to protect yourself

Log4j zero day vulnerability

The Log4j zero day vulnerability (CVE-2021-44228) is a remote code execution (RCE) vulnerability that allows malicious actors to take complete control of vulnerable devices and execute arbitrary code.  The Log4j 0-day vulnerability has to date, been detected in more than 3 million vulnerable instances. Researchers also found that nearly 68,000 vulnerabilities were present in cloud workloads and containers within the … Read More

New Spring4Shell vulnerability: CVE-2022-22963 and CVE-2022-22965

New Spring4Shell vulnerability CVE-2022-22963 and CVE-2022-22965

Spring4Shell – a new zero-day vulnerability which affects Spring users It’s the second critical bug that has been identified on the application within a week. Spring is a widely used application framework and inversion of control container for the Java platform. Its core features can be used by any Java application which means a large number of users may have … Read More

How to protect personally identifiable information from a cyber breach 

How to protect personally identifiable information

In recent years, personally identifiable information (PII) such as social security numbers, medical history, and banking details have become a high priority target for cybercriminals. For example, There were 1.4 million reported ID theft incidents in 2020, as opposed to 650,000 incidents in 2019.  Driven by the prospect of high prices on the dark web and security vulnerabilities prevalent in … Read More

How to protect your server against shellshock vulnerability

shutterstock 1255276315 RiskXchange The leader in Third-Party Cyber Risk Management

Shellshock vulnerability is a bug in the Bash command-line interface shell that has existed for over three decades, though it was first discovered in 2014. Despite its discovery eight years ago, the vulnerability, also known as Bash Bug software, still poses a danger to organisations. In fact, the threat is so severe that the National Institute of Standards and Technology … Read More

Looking back at the top data breaches of 2021

shutterstock 1136227238 1 RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange can help your company avoid becoming one of those affected by costly cyberattacks and ensure your organisation doesn’t make our list of top data breaches.. Cybercriminals flourished in 2021, which is, of course, bad news for businesses right around the globe. The Identity Theft Resource Center (ITCR) reported that by the end of September last year, the number of … Read More

PrintNightmare: Understanding the Windows Print Spooler vulnerability

RiskXchnage PrintNightmare Understanding the Windows Print Spooler vulnerability RiskXchange The leader in Third-Party Cyber Risk Management

RiskXchange provides full visibility over your eco-systems’ entire attack surface in near real-time to avoid vulnerabilities like PrintNightmare. Researchers at Sangfor Technologies accidentally published a proof-of-concept (PoC) exploit recently for a new and unpatched vulnerability affecting the Print Spooler service on newer versions of Windows. Although the PoC was deleted soon after its publication, the damage was already widespread. The … Read More

Leveraging common vulnerabilities and exposures (CVE) to strengthen cybersecurity posture

RiskXchange Common Vulnerabilities And Exposures Database RiskXchange The leader in Third-Party Cyber Risk Management

As organisations across finance, healthcare, and logistics continue to transfer their operations to cloud-based applications, it raises concerns about third-party vendor attacks. Cyber attacks via third parties and vendors have been on the rise in recent years. Research shows over 1,767 reported data breaches in 2021, and experts claim that this number will go up within the next few years. … Read More

What is an attack vector and how can you avoid it?

cyberattack vectors

RiskXchange generates objective and quantitative reporting on a company’s cyber security risk and performance.  Cybercrime is ever evolving, and hackers are changing their tactics daily. Malware is commonplace but ransomware is the biggest threat to organisations in 2021. Some attack vectors – like phishing and credential theft – have been around for quite some time while others have cropped up in recent years causing widespread damage. What is an attack … Read More