Posted on Feb 7, 2022 4 minutes
Rootkit Attacks: Start to a Dangerous Trend?
iLOBleed, a previously undetected rootkit, was spotted targeting the HP Enterprise’s Integrated Lights-Out (iLO) server management technology to tamper with the firmware modules and wipe data off the infected systems. Could this portend a dangerous trend? Read our analysis to find out.
Surojoy Gupta
Posted on Jan 25, 2022 2 minutes
CSW Discovers a XSS Vulnerability in WordPress Post Duplicator Plugin
Cyber Security Works discovered and reported a Stored Cross-Site Scripting vulnerability in WordPress Post Duplicator Plugin that allows an authenticated attacker to inject a JavaScript payload into a trusted URL.
Pavithra Shankar
Posted on Nov 15, 2021 | Updated on May 25, 2022 5 minutes
20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations
A directive recently released by the US government-backed Cybersecurity and Infrastructure Security Agency has a list of 703 known vulnerabilities that organizations have been asked to focus on patching immediately. Amongst them, 158 vulnerabilities have been identified as being exploited actively by various ransomware families. Read on to learn more about the vulnerabilities.
Surojoy Gupta
Posted on Oct 6, 2021 3 minutes
CSW Discovers Stored Cross-Site Scripting (XSS) Zero-Day Vulnerability in WordPress Plugin
On September 1, 2021, CSW researchers discovered a Cross-Site Scripting (XSS) zero-day vulnerability in Zoho CRM Lead Magnet Version 1.7.2.4. Read on to find out more about the vulnerability.
Surojoy Gupta
Posted on Jan 8, 2021 3 minutes
CSW Disclosed 4 Hardcoded Credentials on D-Link Products
Asset and lifecycle management are complex initiatives that organizations should keep pace with as products reach the end of life (EOL) or end of support (EOS) and become obsolete. This obsolescence gives rise to security vulnerabilities that could be exploited by threat actors.
Bhavithra
Posted on Nov 27, 2020 3 minutes
How to detect CVE- 2020-24600?
A new zero-day vulnerability, CVE-2020-24600, was discovered by Cyber Security Works in Shilpi - Capexweb 1.1.
Bhavithra
Posted on Sep 21, 2020 2 minutes
How to detect vulnerability CVE-2020-24601?
Cyber Security Works has discovered a new zero-day vulnerability, CVE-2020-24601 in Ignite Realtime Openfire 4.5.1.
Bhavithra
Posted on Sep 21, 2020 2 minutes
How to detect vulnerability CVE-2020-24602?
Cyber Security Works discovered a new zero-day vulnerability, CVE-2020-24602 in Ignite Realtime Openfire 4.5.1. Openfire (formerly Wildfire).
Bhavithra
Posted on Sep 21, 2020 2 minutes
How to detect Vulnerability CVE-2020-24604?
Cyber Security Works discovered a reflected XSS vulnerability, CVE-2020-24604, in Ignite Realtime Openfire 4.5.1. Openfire (formerly Wildfire).
Bhavithra
Posted on Sep 3, 2020 3 minutes
How to detect the vulnerability CVE-2020-14723?
A new zero-day vulnerability, CVE-2020-14723, was discovered by Cyber Security Works in Oracle Help Technologies related to the Web UIX component.
Bhavithra
Posted on Jul 28, 2020 5 minutes
How to detect CVE-2020-5902?
CVE-2020-5902 is a critical remote code vulnerability that was discovered in the F5 Networks Big-IP administrative interface. From discovery to mitigation, see how things unfolded and check out CSW’s script to detect this vulnerability in Big-IP products.
Sumeetha
