Blogs

Read about the latest news and updates from the cybersecurity ecosystem.

CISA KEVs

Posted on Mar 14, 2023 5 minutes

CSW's Threat Intelligence - March 13, 2023 - March 17, 2023

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Mar 2, 2023 4 minutes

Why Are Some Ransomware Vulnerabilities More Dangerous than Others?

Securin experts mapped ransomware vulnerabilities to the MITRE ATT&CK framework and identified 57 vulnerabilities that can be exploited from initial access to exfiltration. Read on to find out more about these vulnerabilities.

Surojoy Gupta

Posted on Feb 13, 2023 | Updated on Feb 17, 2023 5 minutes

CSW's Threat Intelligence - February 13, 2022 - February 17, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | February 13, 2022 - February 17, 2022

Supriya Aluri

Posted on Feb 17, 2023 4 minutes

All About Hive Ransomware

Hive Ransomware has been ruling the roost since June 2021 as one of the most prolific ransomware groups to affect healthcare facilities, nonprofits, retailers, energy providers, and other sectors, with more than 1,300 institutions hit worldwide and a profit of $100 million in ransom payments. Read on to find out what Securin experts uncovered when they revisited Hive and its attack tactics and techniques, and what organizations can do to remain safe from future attacks.

Surojoy Gupta

Posted on Jan 30, 2023 | Updated on Feb 3, 2023 6 minutes

CSW's Threat Intelligence - January 30, 2022 - February 3, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | January 30, 2022 - February 3, 2022

Supriya Aluri

Posted on Jan 18, 2023 | Updated on Jan 20, 2023 6 minutes

CSW's Threat Intelligence - January 16, 2022 - January 20, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | January 16, 2022 - January 20, 2022

Supriya Aluri

Posted on Jan 9, 2023 | Updated on Jan 17, 2023 6 minutes

CSW's Threat Intelligence - January 9, 2022 - January 13, 2023

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Dec 27, 2022 | Updated on Dec 30, 2022 3 minutes

CSW's Threat Intelligence - December 26, 2022 - December 30, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Dec 23, 2022 | Updated on February 3, 2023 4 minutes

All About Vice Society Ransomware

Vice Society has been recently observed employing multiple ransomware variants, similar to the Russian Sandworm Team and TA505 threat actors, apart from its double extortion tactics. After its recent attacks on the US K-12 education and healthcare sectors, Vice Society has garnered a lot of media attention. Read on to learn how to protect your network from Vice Society attacks.

Surojoy Gupta

Posted on Dec 12, 2022 | Updated on Dec 16, 2022 10 minutes

CSW's Threat Intelligence - December 12, 2022 - December 16, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | December 12, 2022 - December 16, 2022

Supriya Aluri

Posted on Dec 5, 2022 | Updated on Dec 9, 2022 5 minutes

CSW's Threat Intelligence - December 5, 2022 - December 9, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | December 5, 2022 - December 9, 2022

Supriya Aluri

Posted on Nov 28, 2022 | Updated on Dec 2, 2022 5 minutes

CSW's Threat Intelligence - November 28, 2022 - December 2, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | November 28, 2022 - December 2, 2022

Supriya Aluri

Posted on Nov 7, 2022 | Updated on November 11, 2022 6 minutes

CSW's Threat Intelligence - November 7, 2022 - November 11, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | November 7, 2022 - November 11, 2022

Priya Ravindran, Supriya Aluri

Posted on Oct 31, 2022 | Updated on November 4, 2022 6 minutes

CSW's Threat Intelligence - October 31, 2022 - November 4, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | October 31, 2022 - November 4, 2022

Supriya Aluri

Posted on Oct 25, 2022 | Updated on October 28, 2022 3 minutes

CSW's Threat Intelligence - October 24, 2022 - October 28, 2022

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from October 24, 2022 to October 28, 2022

Supriya Aluri

Posted on Oct 18, 2022 | Updated on Oct 21, 2022 6 minutes

CSW's Threat Intelligence - October 17, 2022 - October 21, 2022

This blog brings you all the DHS CISA KEVs that need to be prioritized for patching from Oct 17, 2022 to Oct 21, 2022

Supriya Aluri

Posted on Oct 10, 2022 | Updated on Oct 14, 2022 5 minutes

CSW's Threat Intelligence - October 10, 2022 - October 14, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | October 10, 2022 - October 14, 2022

Supriya Aluri

Posted on Sep 28, 2022 | Updated on September 29, 2022 6 minutes

All about LockBit Ransomware

Read all about the CVEs exploited, attack methodology, and techniques used by the LockBit ransomware.

Supriya Aluri

Posted on Sep 9, 2022 3 minutes

CSW's Threat Intelligence - September 05, 2022 - September 09, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | September 05, 2022 - September 09, 2022

Supriya Aluri

Posted on Sep 2, 2022 5 minutes

CSW's Threat Intelligence - August 29, 2022 - September 2, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Aug 22, 2022 6 minutes

CSW's Threat Intelligence - August 22, 2022 - August 26, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Aug 18, 2022 7 minutes

How Safe Is Your VPN?

Did you know hackers can exploit 125 weaponized vulnerabilities in VPN products to attack their targets? CSW analysts deep dive into exposures in VPNs that could compromise organizational networks.

Priya Ravindran

Posted on Aug 16, 2022 6 minutes

CSW's Threat Intelligence - August 15, 2022 - August 19, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Aug 1, 2022 3 minutes

CSW's Threat Intelligence - August 02, 2022 - August 05, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Jul 25, 2022 3 minutes

CSW's Threat Intelligence - July 25, 2022 - July 29, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Jul 14, 2022 | Updated on Sep 06, 2022 5 minutes

All about BlackCat (ALPHV)

Did you know that the BlackCat ransomware group breached 60+ organizations in a single month? Read on to know about CSW's research into the ransomware group, the vulnerabilities they use, and their attack techniques and tactics.

Priya Ravindran

Posted on Jul 13, 2022 3 minutes

CSW's Weekly Threat Intelligence - July 11, 2022 - July 15, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Supriya Aluri

Posted on Jul 12, 2022 | Updated on Sep 09, 2022 3 minutes

How safe are storage devices from a ransomware attack?

Does your organization use Network Attached Storage (NAS) devices? If you think that backing up data in these devices will keep you safe from a ransomware attack, you might have to revisit your security strategy.

Priya Ravindran

Posted on Jul 8, 2022 2 minutes

CSW’s Friday Threat Intelligence

This week, we bring you eight threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Pavithra Shankar, Supriya Aluri

Posted on Jul 4, 2022 | Updated on Sep 21, 2022 5 minutes

Why Should Schools Prioritize Cybersecurity?

This blog provides a snapshot of how CSW is helping schools gain resilience against cyber attacks and evolving threats and what schools can do to stay safe from ransomware attacks.

Supriya Aluri

Posted on Jul 1, 2022 3 minutes

CSW Weekly Threat Intelligence

All CVEs mentioned in this blog edition have received a maximum rating from the Threat Intelligence platform indicating high probability of exploitation.

Pavithra Shankar

Posted on Jun 29, 2022 5 minutes

MITRE Mapping of CISA KEVs and its Challenges

This blog talks about the challenges that exist in mapping CWEs to CAPEC using MITRE and ATT&CK.

CSW Research Team

Posted on Jun 27, 2022 2 minutes

CSW Weekly Threat Intelligence

CSW's weekly threat intelligence edition brings you early warnings about critical vulnerabilities that could potentially be weaponized and prove dangerous to your organization and its assets.

Pavithra Shankar

Posted on Jun 13, 2022 2 minutes

CISA Adds Vulnerabilities Warned by CSW’s Ransomware Reports

In a recent update of KEV on May 23, 2022, CISA added three of four vulnerabilities that were called out in CSW’s Q1 2022 Ransomware Report (May 18, 2022), thereby validating our research and recommendations.

Priya Ravindran

Posted on Mar 17, 2022

After a year, DHS CISA Adds CVE-2021-21315 to KEVs Catalog!

A researcher from Cyber Security Works (CSW) took a deep dive into the Node.js vulnerability CVE-2021-21315 and developed proof-of-concept exploit code.

Ayushman

Posted on Mar 16, 2022 5 minutes

Cyberwar Bulletin 2: Are you ready for this cyberwar?

This bulletin covers CSW's research on the cyberwar, in particular the ransomware and malware threats that are spawning out of the Russia-Ukraine conflict.

Sumeetha Manikandan, Priya Ravindran

Posted on Mar 2, 2022 | Updated on July 6, 2022 5 minutes

Latency Analysis of DHS CISA KEVs

In this blog, CSW experts analyzed CISA’s Known Exploited Vulnerabilities (KEV) list for latencies in publishing, exploiting, and patching to understand how fast attackers are weaponizing them for attacks.

Priya Ravindran, Sumeetha Manikandan

Posted on Mar 2, 2022 | Updated on March 01, 2023 3 minutes

Top Scanners Fail to Flag DHS CISA-warned Known Exploited Vulnerabilities (KEV)

We looked one step further into the DHS CISA KEV catalog and found that 59 known, actively exploited CVEs were missed by top scanners such as Nessus, Nexpose, and Qualys.

Pavithra Shankar, Priya Ravindran

Posted on Jan 4, 2022 5 minutes

Top 5 Affected Products in CISA’s Catalog of Known Exploited Vulnerabilities (KEV)

Our researchers analyzed CISA’s catalog of Known Exploited Vulnerabilities (KEV) to study the most affected products by number of vulnerabilities. Read on to learn more about their analysis.

Surojoy Gupta

Posted on Dec 6, 2021 5 minutes

Top Affected Vendors according to CISA’s Catalog of Known Exploited Vulnerabilities (KEV)

While all vulnerabilities listed by CISA are critical and should be prioritized for patching, five vendors stand out from the rest with the largest number of CVEs associated with their products. In this blog, we take a detailed look at the top five vendors and the vulnerabilities that plague them.

Surojoy Gupta

Posted on Nov 22, 2021 | Updated on March 01, 2023 5 minutes

CISA Releases a Directive Asking Organizations to Patch Known Exploited Vulnerabilities

The DHS Cybersecurity and Infrastructure Security Agency (CISA) released a directive with a list of 887 known and exploited vulnerabilities that public sector entities and organizations need to patch immediately!

Surojoy Gupta, Priya Ravindran, Pavithra Shankar

Posted on Nov 15, 2021 | Updated on May 25, 2022 5 minutes

20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations

A directive recently released by the US government-backed Cybersecurity and Infrastructure Security Agency has a list of 703 known vulnerabilities that organizations have been asked to focus on patching immediately. Amongst them, 158 vulnerabilities have been identified as being exploited actively by various ransomware families. Read on to learn more about the vulnerabilities.

Surojoy Gupta

Posted on Oct 26, 2021 | Updated on Aug 23, 2022 3 minutes

Security Management: CVE-2021-36260, Patch this Hikvision Vulnerability.

The video surveillance giant Hikvision disclosed a zero-click vulnerability tracked as CVE-2021-36260, which has existed since at least 2016, according to researchers. The vulnerability exists in Hikvision camera models and leaves them highly susceptible to remote hijacking without requiring a username or password.

Pavithra Shankar