CYBX - Cyber Security

Our Services

The CYBX cyber security team based in Malvern, Worcestershire, offers products and services to help your organisation become more cyber resilient and better prepared against attacks.

Penetration Testing

Vulnerability Scanning

Cyber Consultancy

Cyber Awareness Training

Phishing Campaign

Secure Network Design

Our Work

We have taken cyber security very seriously and we chose CYBX as our supplier for training and guidance to obtain the required accreditation, which we did successfully and on time. We are full of praise for the CYBX team and nothing was too much trouble for them.

CYBX Customer

I knew I needed to get Cyber Essentials certification as part of the Government drive for better cyber security. Not having a large team or infrastructure to review, I didn’t really know where to start. CYBX team’s knowledge and professionalism made this a really simple process and I would highly recommend others make use of their services.

CYBX Customer

We were very pleased with the penetration testing conducted by CYBX. The software provided to CYBX had been protected using a third-party application, but CYBX immediately identified that part of this protection had not worked correctly. CYBX advised us of the situation, allowing us to correct the problem. Thankfully, CYBX were happy to receive the updated protection and resume the pen testing, in which they identified yet another shortcoming in the protection applied. Without the work of CYBX, it is quite possible sensitive IP could have been exposed.

CYBX Customer

Blog Posts

The latest cyber resilience related blogs by the CYBX team

Botnets, Credential Stuffing and mitigation

Dark_Nexus Botnet BitDefender researchers have recently identified a new botnet, dubbed “dark_nexus”. This botnet is similar to the Mirai botnet from back in 2016, but instead targets IoT devices to perform distributed denial of service (DDoS) attacks. This botnet grows primarily by using credentials stuffing attacks against different types of devices such as routers, video[…]

Backups: tips from the team

Our article focuses on some important ideas for how to implement your own backup strategy or refine your existing processes to protect your data. When faced with technical failure or an attack, be it against your business or personal network, having a set of data you can access to recover any lost data is the[…]

Confidentiality, Availability and Integrity

Confidentiality, availability and integrity, known as the CIA triad, are considered the most crucial parts of security. Confidentiality – is the assurance the information is not disclosed to unauthorised individuals, processes or devices while making sure authorised personnel can. The confidentiality of data can be adhered to by utilising strong complex passwords, two-factor authentication and[…]

Event logs

Event logs are detailed records containing information relating to what occurred on the device. A log entry is created for every event and application notification on a device within the network and are often categorised with a severity level ranging from information through to critical. Windows event logs can be utilised by the network administrators[…]

Our tips to stay safe when working remotely

Throughout the recent developments, the team at borwell and cybx have been hard at work ensuring appropriate business continuity and resilience are in place to facilitate remote working capabilities while keeping business as close to usual as possible. As part of this, we are sharing some of the best tips to make sure that you[…]

Utility Programs

A utility program is usually smaller than a standard application and refers to a program that is responsible for managing system resources and adding functionality to your computer. This can include screen savers, icon tools and other desktop enhancement features. A privileges utility program is an application that requires elevated (administrative) privileges to perform the[…]

Critical Security Flaw in GDPR WordPress Plugin

A warning has been issued against WordPress users to update a plugin that had introduced a critical security flaw. The General Data Protection (GDPR) compliance plugin allowed users to easily ensure that users accepted cookies when visiting the website and had the option to allow or disallow their information to be supplied to third parties.[…]

Policies

A policy contains numerous ideas or a plan of what should be done in certain situations. Businesses generally have policies relating to HR and finance but are lacking in security policies. An information security policy is used to describe a set of rules, inclusive of allowed and disallowed behaviour for its information systems and assets[…]

Penetration testing devices

A rubber ducky looks like a normal USB stick but can be used for malicious purposes by threat actors. A Rubber Ducky can be used to conduct various tasks such as obtain passwords as well as transfer files between machines to further compromise your laptop/desktop. Even if USB devices are blocked on the computer, a[…]

Risk Assessment

Risk assessments should include all the risks relating a project, activity or organisation and should be performed on a regular basis or when additional risks are present. All risks should be placed into a risk assessment table and include the likelihood and impact of this occurring. It allows all risks to be defined and categorised[…]

Previous Next

Contact Us

STAY IN TOUCH

Sign up for email updates on CYBX news & services. Our monthly newsletter includes helpful hints & tips to you improve your cyber resilience

CYBX is the borwell brand for its Cyber Security team, services and products.