Posted on Nov 21, 2022 | Updated on Nov 25, 2022 6 minutes
CSW's Threat Intelligence - November 21, 2022 - November 25, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | November 21, 2022 - November 25, 2022
Supriya Aluri
Posted on Nov 14, 2022 | Updated on Nov 18, 2022 7 minutes
CSW's Threat Intelligence - November 14, 2022 - November 18, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | November 14, 2022 - November 18, 2022
Supriya Aluri
Posted on Nov 7, 2022 | Updated on November 11, 2022 6 minutes
CSW's Threat Intelligence - November 7, 2022 - November 11, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | November 7, 2022 - November 11, 2022
Priya Ravindran, Supriya Aluri
Posted on Oct 31, 2022 | Updated on November 4, 2022 6 minutes
CSW's Threat Intelligence - October 31, 2022 - November 4, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | October 31, 2022 - November 4, 2022
Supriya Aluri
Posted on Oct 25, 2022 | Updated on October 28, 2022 3 minutes
CSW's Threat Intelligence - October 24, 2022 - October 28, 2022
This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from October 24, 2022 to October 28, 2022
Supriya Aluri
Posted on Oct 18, 2022 | Updated on Oct 21, 2022 6 minutes
CSW's Threat Intelligence - October 17, 2022 - October 21, 2022
This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Oct 17, 2022 to Oct 21, 2022
Supriya Aluri
Posted on Oct 10, 2022 | Updated on Oct 14, 2022 5 minutes
CSW's Threat Intelligence - October 10, 2022 - October 14, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | October 10, 2022 - October 14, 2022
Supriya Aluri
Posted on Oct 3, 2022 | Updated on October 07, 2022 3 minutes
CSW's Threat Intelligence - October 3, 2022 - October 7, 2022
This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Oct 3, 2022 to Oct 7, 2022
Supriya Aluri
Posted on Sep 27, 2022 | Updated on September 29, 2022 6 minutes
CSW's Threat Intelligence - September 26, 2022 - September 30, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | September 26, 2022 - September 30, 2022
Supriya Aluri
Posted on Sep 19, 2022 | Updated on Sep 23, 2022 5 minutes
CSW's Threat Intelligence - September 19, 2022 - September 23, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | September 19, 2022 - September 23, 2022
Supriya Aluri
.png)
Posted on Sep 12, 2022 | Updated on Sep 16, 2022 6 minutes
CSW's Threat Intelligence - September 12, 2022 - September 16, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Priya Ravindran
Posted on Sep 9, 2022 3 minutes
CSW's Threat Intelligence - September 05, 2022 - September 09, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | September 05, 2022 - September 09, 2022
Supriya Aluri
Posted on Sep 2, 2022 5 minutes
CSW's Threat Intelligence - August 29, 2022 - September 2, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Aug 22, 2022 6 minutes
CSW's Threat Intelligence - August 22, 2022 - August 26, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Aug 16, 2022 6 minutes
CSW's Threat Intelligence - August 15, 2022 - August 19, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Aug 12, 2022 3 minutes
An Exploration of Russia-based APT29’s Recent Campaigns
CSW's analysis of the vulnerabilities and attack tactics used by APT29 in recent campaigns
Vasanthakumar Thangaprakasam
Posted on Aug 9, 2022 6 minutes
CSW's Threat Intelligence - August 08, 2022 - August 12, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Aug 1, 2022 3 minutes
CSW's Threat Intelligence - August 02, 2022 - August 05, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Jul 25, 2022 3 minute
CSW's Threat Intelligence - July 25, 2022 - July 29, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Jul 18, 2022 3 minutes
CSW's Threat Intelligence - July 18, 2022 - July 22, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Jul 13, 2022 3 minutes
CSW's Weekly Threat Intelligence - July 11, 2022 - July 15, 2022
We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Supriya Aluri
Posted on Jul 8, 2022 2 minutes
CSW’s Friday Threat Intelligence
This week, we bring to you eight threats that are currently trending as well as new vulnerabilities that hackers are exploiting.
Pavithra Shankar, Supriya Aluri
Posted on Jul 1, 2022 3 minutes
CSW Weekly Threat Intelligence
All CVEs mentioned in this blog edition have received a maximum rating from the Threat Intelligence platform indicating high probability of exploitation.
Pavithra Shankar
Posted on Jan 10, 2022 5 minutes
A Pentester’s Perspective: What's Next after Domain Admin?
Organizations have been increasingly relying on cloud services from Azure, since Microsoft provides native support. As a result, CSW penetration testers have been researching various attack vectors related to Azure. Read on to find out more about their findings.
Venkatraman Kumar
Posted on Jan 9, 2022 2 minutes
How to Detect JNDI vulnerability in H2 Database Engine?
CSW Researchers have developed a script to detect the JNDI vulnerability - the well-known LogShell-like vulnerability. Run our simple-to-use script to ensure your projects are free from JNDI injections.
Pavithra Shankar
Posted on Dec 12, 2021 | Updated on Aug 30, 2022 2 Minutes
Have you Patched the Apache Log4j vulnerability CVE-2021-44228?
Apache Log4j vulnerability CVE-2021-44228 is a critical zero-day code execution vulnerability with a CVSS base score of 10. This weakness poses a significant risk to many applications and cloud services and it needs to be patched right away!
Sumeetha Manikandan, Pavithra Shankar
Posted on Aug 25, 2021 | Updated on June 28, 2022 4 minutes
Pegasus Spyware Snoops On Political Figures Worldwide
An Israeli zero-click cyber-espionage software recently infected the Apple devices of journalists and politicians from around the world by exploiting three zero-day vulnerabilities. Read our analysis of these vulnerabilities.
Surojoy Gupta
Posted on May 4, 2021 3 minutes
NSA Validates CSW’s warning on two critical vulnerabilities
In May 2020, CSW warned the industry of two critical vulnerabilities in Pulse Secure VPN and Citrix’s Remote Desktop solution that could be used by Ransomware or APT groups. One year after our warning, NSA, FBI and CISA validated the same.
Sumeetha
Posted on Mar 8, 2021 3 minutes
Cyber Women We Admire
This women’s day, we spoke to a few inspiring women executives who are breaking the myth and are soaring high. They are skilled, motivated, and talented and they come from different geographies, backgrounds but are united by their passion for cybersecurity.
Sumeetha Manikandan
Posted on Feb 11, 2021 3 minutes
Sri Lankan Domain Attack: Exposed Credentials available in Dark Web for Eight Years!
Investigations on the Sri Lankan Domain attack reveal that threat actors could have used exposed credentials and vulnerabilities to breach and redirect the websites. These credentials have been exposed on the dark web for the past eight years!
Sumeetha
Posted on Jan 21, 2021 3 minutes
Could Google’s most searched Top 10 vulnerabilities in 2020 be key attack indicators?
2020 was a productive year for threat actors. With the world’s workforce working remotely while dealing with the pandemic, threat actors were busy weaponizing critical vulnerabilities that had a global impact. Many organizations fell prey to ransomware and sophisticated cyber attacks that allowed remote and privileged access to sensitive information.
Sumeetha
Posted on Jan 21, 2021 3 minutes
Eight Cybersecurity Predictions from CSW Security Experts
What does 2021 have in store for cybersecurity? Will we take note of the lessons learned in 2020 and start taking security seriously? Will we see more cyberattacks? We asked our exclusive team of pentesting experts to predict the trends for us, and here is what they said.
Sindhuja Sreenivasan
Posted on Jan 11, 2021 3 minutes
Seven Predictions by Women Cyber Security Experts
What does 2021 have in store for cybersecurity? Will we take note of the lessons learned in 2020 and start taking security seriously? Will we see more cyberattacks?
Sindhuja
Posted on Dec 18, 2020 3 minutes
How to Detect SolarWinds Orion Product running on your network?
Popular scanners such as Tenable, Qualys and Nexpose are missing 48 vulnerabilities out of 102 vulnerabilities. To help 18000 customers who have been affected, CSW team has come up with a script that would help detect SolarWinds Orion Product running on your network.
Pavithra Shankar
Posted on Dec 16, 2020 3 minutes
CSW Analysis of SolarWinds: Top Scanners miss most of the vulnerabilities
The massive breach of SolarWinds Network Management product has compromised as many as 18,000 organizations outside of U.S Government entities, security agencies, defense entities. We took a closer look at the weaknesses that exist in other SolarWinds products and found that top scanners miss most of the vulnerabilities.
Sumeetha
Posted on Dec 15, 2020 5 minutes
Vulnerability Analysis: SolarWinds Orion Network Management
SolarWinds disclosed on Dec 13 that vulnerabilities in their network management tool Orion was used to mount attacks on FireEye and on several Government agencies. CSW analyzed Orion’s 15 Vulnerabilities and has found that CVE-2019-9546 – with a known critical Privilege Execution Exploit needs immediate remediation along with an upgrade to Orion Platform version 2020.2.1 HF.1.
Sumeetha
Posted on Dec 10, 2020 3 minutes
FireEye’s stolen Pentesting Tools & the vulnerabilities they target
CSW analyzed the vulnerabilities (impacted by FireEye’s stolen pentesting tools) and found that Chinese & Iranian APT Groups target them routinely. These CVEs are also favorite targets of Ransomware such as Ryuk, Maze, Netwalker.
Sumeetha
Posted on Aug 30, 2020 2 minutes
India's Cybersecurity Policy: Disclosure of Data Breaches
Will the new national cybersecurity policy include a disclosure policy similar to what the west has?
Sumeetha
Posted on Jul 19, 2020 3 minutes
How safe are Web Proxy?
Today, the reliance on applications such as web proxy, remote conferencing, VPNs, etc. are at an all-time high which is yet another reason for threat actors to work overtime to exploit vulnerabilities.
Sumeetha
Posted on Jul 19, 2020 3 minutes
How safe are Databases?
Cyber threat actors have been working hard during these pandemic times. Systems, infrastructure, and sensitive information that was hitherto viewed within the secure walls of one’s office is now being accessed through insecure connections and unsafe laptops from one’s home.
Sumeetha
Posted on Jul 19, 2020 5 minutes
How safe are Enterprise Data Storage Systems?
While Enterprise data storage systems are great to work with, they are also sitting ducks for threat attacks. Find out how?
Sumeetha
Posted on Jul 19, 2020 5 minutes
How safe are VPN solutions?
Travelex fell prey to a ransomware attack (on New Year’s Eve) because they failed to install a patch issued by their VPN - Pulse Secure. How safe are our VPNs? Let's find out.
Sumeetha
Posted on Jul 14, 2020 7 minutes
How safe are online conferences?
With the recent breaches in Zoom application and increasing instances of ‘zoombombing’ and data theft, a definitive study of popular online video conferencing tools was needed. Take a read.
Sumeetha
Posted on Jul 14, 2020 5 minutes
How safe are your Tech Stacks?
This April, Cognizant fell prey to a nasty ransomware attack whose ripple effect has shaken the world. How safe is your tech stack? Let's take a look.
Team CSW
