Cyber Risk Blogs
Stay tuned with the latest news and updates from cyber security ecosystem.
Posted on 4th May, 2021 | By Sumeetha 3 Minutes
NSA Validates CSW’s warning on two critical vulnerabilities
In May 2020, CSW warned the industry of two critical vulnerabilities in Pulse Secure VPN and Citrix’s Remote Desktop solution that could be used by Ransomware or APT groups. One year after our warning, NSA, FBI and CISA validated the same.
Read More
Posted on 8th Mar, 2021 | By Sumeetha Manikandan 3 minutes
Cyber Women We Admire
This women’s day, we spoke to a few inspiring women executives who are breaking the myth and are soaring high. They are skilled, motivated, and talented and they come from different geographies, backgrounds but are united by their passion for cybersecurity.
Read More
Posted on 11th Feb, 2021 | By Sumeetha 3 Minutes
Sri Lankan Domain Attack: Exposed Credentials available in Dark Web for Eight Years!
Investigations on the Sri Lankan Domain attack reveal that threat actors could have used exposed credentials and vulnerabilities to breach and redirect the websites. These credentials have been exposed on the dark web for the past eight years!
Read More
Posted on 21st Jan, 2021 | By Sumeetha 3 minutes
Could Google’s most searched Top 10 vulnerabilities in 2020 be key attack indicators?
2020 was a productive year for threat actors. With the world’s workforce working remotely while dealing with the pandemic, threat actors were busy weaponizing critical vulnerabilities that had a global impact. Many organizations fell prey to ransomware and sophisticated cyber attacks that allowed remote and privileged access to sensitive information.
Read More
Posted on 21st Jan, 2021 | By Sindhuja Sreenivasan 3 minutes
Eight Cybersecurity Predictions from CSW Security Experts
What does 2021 have in store for cybersecurity? Will we take note of the lessons learned in 2020 and start taking security seriously? Will we see more cyberattacks? We asked our exclusive team of pentesting experts to predict the trends for us, and here is what they said.
Read More
Posted on 11th Jan, 2021 | By Sindhuja 3 minutes
Seven Predictions by Women Cyber Security Experts
What does 2021 have in store for cybersecurity? Will we take note of the lessons learned in 2020 and start taking security seriously? Will we see more cyberattacks?
Read More
Posted on 18th Dec, 2020 | By Pavithra Shankar 3 minutes
How to Detect SolarWinds Orion Product running on your network?
Popular scanners such as Tenable, Qualys and Nexpose are missing 48 vulnerabilities out of 102 vulnerabilities. To help 18000 customers who have been affected, CSW team has come up with a script that would help detect SolarWinds Orion Product running on your network.
Read More
Posted on 16th Dec, 2020 | By Sumeetha 3 minutes
CSW Analysis of SolarWinds: Top Scanners miss most of the vulnerabilities
The massive breach of SolarWinds Network Management product has compromised as many as 18,000 organizations outside of U.S Government entities, security agencies, defense entities. We took a closer look at the weaknesses that exist in other SolarWinds products and found that top scanners miss most of the vulnerabilities.
Read More
Posted on 15th Dec, 2020 | By Sumeetha 5 minutes
Vulnerability Analysis: SolarWinds Orion Network Management
SolarWinds disclosed on Dec 13 that vulnerabilities in their network management tool Orion was used to mount attacks on FireEye and on several Government agencies. CSW analyzed Orion’s 15 Vulnerabilities and has found that CVE-2019-9546 – with a known critical Privilege Execution Exploit needs immediate remediation along with an upgrade to Orion Platform version 2020.2.1 HF.1.
Read More
Posted on 10th Dec, 2020 | By Sumeetha 3 Minutes
FireEye’s stolen Pentesting Tools & the vulnerabilities they target
CSW analyzed the vulnerabilities (impacted by FireEye’s stolen pentesting tools) and found that Chinese & Iranian APT Groups target them routinely. These CVEs are also favorite targets of Ransomware such as Ryuk, Maze, Netwalker.
Read More
Posted on 30th Aug, 2020 | By Sumeetha 2 Minutes
India's Cybersecurity Policy: Disclosure of Data Breaches
Will the new national cybersecurity policy include a disclosure policy similar to what the west has?
Read More
Posted on 19th Jul, 2020 | By Sumeetha 3 Minutes
How safe are Web Proxy?
Today, the reliance on applications such as web proxy, remote conferencing, VPNs, etc. are at an all-time high which is yet another reason for threat actors to work overtime to exploit vulnerabilities.
Read More
Posted on 19th Jul, 2020 | By Sumeetha 3 Minutes
How safe are Databases?
Cyber threat actors have been working hard during these pandemic times. Systems, infrastructure, and sensitive information that was hitherto viewed within the secure walls of one’s office is now being accessed through insecure connections and unsafe laptops from one’s home.
Read More
Posted on 19th Jul, 2020 | By Sumeetha 5 Minutes
How safe are Enterprise Data Storage Systems?
While Enterprise data storage systems are great to work with, they are also sitting ducks for threat attacks. Find out how?
Read More
Posted on 19th Jul, 2020 | By Sumeetha 5 Minutes
How safe are VPN solutions?
Travelex fell prey to a ransomware attack (on New Year’s Eve) because they failed to install a patch issued by their VPN - Pulse Secure. How safe are our VPNs? Let's find out.
Read More
Posted on 14th Jul, 2020 | By Sumeetha 7 Mins Read
How safe are online conferences?
With the recent breaches in Zoom application and increasing instances of ‘zoombombing’ and data theft, a definitive study of popular online video conferencing tools was needed. Take a read.
Read More
Posted on 14th Jul, 2020 | By Team CSW 5 Mins Read
How safe are your Tech Stacks?
This April, Cognizant fell prey to a nasty ransomware attack whose ripple effect has shaken the world. How safe is your tech stack? Let's take a look.
Read More