Ransomware
Ransomware What is it and how can we defend against it. Ransomware is a type of malware that encrypts a victim’s files or locks them out of their system, then demands a ransom payment (usually in cryptocurrency) to restore access. Here’s how it works: Infection: Often begins through phishing emails, malicious downloads, or exploiting vulnerabilities. Encryption: The malware encrypts files […]
Malware
Malware What is it and how can we defend against it. Malware (short for malicious software) is any software intentionally designed to cause damage to a computer, server, client, or network. It’s a broad category that includes various types of harmful programs used by cybercriminals to steal data, disrupt operations, or gain unauthorised access to systems. Common […]
Zero-Day Exploit
Zero-Day Exploit What is it and how can we defend against them A Zero-Day Exploit is a type of cyberattack that takes advantage of a previously unknown vulnerability in software or hardware – one that the vendor or developer has had “zero days” to fix because they are unaware of it. Key Concepts: Zero-Day Vulnerability: A flaw […]
Advanced Persistent Threat (APT)
Advanced Persistent Threat (APT) What is it and how can we defend against them An Advanced Persistent Threat (APT) in cybersecurity refers to a prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected for an extended period. These attacks are typically carried out by well-funded and highly skilled threat actors, […]
Social Engineering
Social Engineering What is it and how can we defend against them In cybersecurity, social engineering refers to the use of psychological manipulation to trick people into revealing confidential information or performing actions that compromise security. Instead of hacking into systems through technical means, attackers exploit human behavior—such as trust, fear, urgency, or curiosity. Here’s how it works: Social engineering attacks […]
Whaling
Whaling What is it and how can we defend against it Whaling is a sophisticated form of phishing attack that targets high-level executives such as CEOs, CFOs, and other senior decision-makers within an organisation. Unlike standard phishing, which casts a wide net to catch unsuspecting users, whaling is highly targeted and personalised – hence the name, […]
Man-in-the-Middle Attack (MitM)
Man-in-the-Middle Attack (MitM) What is it and how can we defend against them A Man-in-the-Middle (MitM) attack is a type of cyberattack where a malicious actor secretly intercepts and possibly alters the communication between two parties who believe they are communicating directly with each other. The attacker positions themselves between the sender and receiver, allowing them to […]
Distributed Denial-of-Service (DDoS)
Distributed Denial-of-Service (DDoS) What is it and how can we defend against it. A Distributed Denial-of-Service (DDoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic. Unlike a regular Denial-of-Service (DoS) attack, which originates from a single source, a DDoS […]
Phishing
Phishing What is it and how can we defend against it. Phishing is a type of cyberattack where attackers try to trick people into giving away sensitive information—like usernames, passwords, credit card numbers, or other personal data—by pretending to be a trustworthy entity. How it works: Phishing usually happens through email, but it can also occur via text […]
Botnets
Botnets What are they and how can we defend against them. A botnet is a network of internet-connected devices -such as computers, smartphones, or IoT gadgets -that have been compromised by malware and are being controlled remotely by a cybercriminal, often without the knowledge of the device owners. The term “botnet” comes from the words “robot” and “network,” reflecting […]