Cyberwar Bulletin: Iran and Albania

Blogs

Read about the latest news and updates from the cybersecurity ecosystem.

CISA KEVs

Posted on Sep 28, 2022 | Updated on September 29, 2022 6 minutes

All about LockBit Ransomware

Read all about the CVEs exploited, attack methodology, and techniques used by the LockBit ransomeareKnow the CVEs exploited, attack methodology, and techniques used by the LockBit ransomeare

Read More

Supriya Aluri

Posted on Sep 9, 2022 3 minutes

CSW's Threat Intelligence - September 05, 2022 - September 09, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting. | September 05, 2022 - September 09, 2022

Read More

Supriya Aluri

Posted on Sep 2, 2022 5 minutes

CSW's Threat Intelligence - August 29, 2022 - September 2, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Aug 22, 2022 6 minutes

CSW's Threat Intelligence - August 22, 2022 - August 26, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Aug 18, 2022 7 minutes

How Safe Is Your VPN?

Did you know hackers can exploit 125 weaponized vulnerabilities in VPN products to attack their targets? CSW analysts deep dive into exposures in VPNs that could compromise organizational networks.

Read More

Priya Ravindran

Posted on Aug 16, 2022 6 minutes

CSW's Threat Intelligence - August 15, 2022 - August 19, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Aug 1, 2022 3 minutes

CSW's Threat Intelligence - August 02, 2022 - August 05, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Jul 25, 2022 3 minute

CSW's Threat Intelligence - July 25, 2022 - July 29, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Jul 14, 2022 | Updated on Sep 06, 2022 5 minutes

All about BlackCat (AlphaV)

Did you know that the BlackCat ransomware group breached 60+ organizations in a single month? Read on to know about CSW's research into the ransomware group, the vulnerabilities they use, and their attack techniques and tactics.

Read More

Priya Ravindran

Posted on Jul 13, 2022 3 minutes

CSW's Weekly Threat Intelligence - July 11, 2022 - July 15, 2022

We bring you threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Supriya Aluri

Posted on Jul 12, 2022 | Updated on Sep 09, 2022 3 minutes

How safe are storage devices from a ransomware attack?

​​​​​​​Does your organization use Network Attached Storage (NAS) devices? If you think that backing up data in these devices will keep you safe from a ransomware attack, you might have to revisit your security strategy.

Read More

Priya Ravindran

Posted on Jul 8, 2022 2 minutes

CSW’s Friday Threat Intelligence

This week, we bring to you eight threats that are currently trending as well as new vulnerabilities that hackers are exploiting.

Read More

Pavithra Shankar, Supriya Aluri

Posted on Jul 4, 2022 | Updated on Sep 21, 2022 5 minutes

Why Should Schools Prioritize Cybersecurity?

This blog provides a snapshot of how CSW is helping schools gain resilience against cyber attacks and evolving threats and what schools can do to stay safe from ransomware attacks.

Read More

Supriya Aluri

Posted on Jul 1, 2022 3 minutes

CSW Weekly Threat Intelligence

All CVEs mentioned in this blog edition have received a maximum rating from the Threat Intelligence platform indicating high probability of exploitation.

Read More

Pavithra Shankar

Posted on Jun 29, 2022 5 minutes

MITRE Mapping of CISA KEVs and its Challenges

This blog brings talks about the challenges that exist in mapping CWEs to CAPEC using MITRE and ATT&CK

Read More

CSW Research Team

Posted on Jun 27, 2022 2 minutes

CSW Weekly Threat Intelligence

CSW weekly threat intelligence edition brings to you early warnings about critical vulnerabilities that could potentially be weaponized and prove dangerous to your organization and its assets.

Read More

Pavithra Shankar

Posted on Jun 13, 2022 2 minutes

CISA Adds Vulnerabilities Warned by CSW’s Ransomware Reports

In a recent update of KEV on May 23, 2022, CISA has added three of four vulnerabilities that were called out in the CSW’s Q1 2022 Ransomware Report (May 18, 2022) thereby validating our research and recommendations.

Read More

Priya Ravindran

Posted on Mar 17, 2022

After a year, DHS CISA Adds CVE-2021-21315 to KEVs Catalog!

A researcher from Cyber Security Works (CSW) took a deep dive into this NodeJs CVE 2021-21315 vulnerability and developed a Proof-of-Concept exploit code.

Read More

Ayushman

Posted on Mar 16, 2022 5 minutes

Cyberwar Bulletin 2: Are you ready for this cyberwar?

This bulletin covers CSW's research on the cyberwar, in particular the ransomware and malware threats that are spawning out of the Russia-Ukraine conflict.

Read More

Sumeetha Manikandan, Priya Ravindran

Posted on Mar 2, 2022 | Updated on July 6, 2022 5 minutes

Latency Analysis of DHS CISA KEVs

In this blog, CSW experts analyzed CISA’s Known Exploited Vulnerabilities (KEV) list for latencies in publishing, exploiting, and patching to understand how fast attackers are weaponizing them for attacks.

Read More

Priya Ravindran, Sumeetha Manikandan

Posted on Mar 2, 2022 | Updated on September 26, 2022 3 minutes

Top Scanners Fail to Flag DHS CISA-warned Known Exploited Vulnerabilities (KEV)

We looked into the DHS CISA KEV catalog one step further and found that 66 actively known exploited CVEs were missed by top scanners such as Nessus, Nexpose, and Qualys. Click here to know more!

Read More

Pavithra Shankar

Posted on Jan 4, 2022 5 minutes

Top 5 Affected Products in CISA’s Catalog of Known Exploited Vulnerabilities (KEV)  

Our researchers analyzed CISA’s catalog of Known Exploited Vulnerabilities (KEV) to study the most affected products by number of vulnerabilities. Read on to learn more about their analysis.

Read More

Surojoy Gupta

Posted on Dec 6, 2021 5 minutes

Top Affected Vendors according to CISA’s Catalog of Known Exploited Vulnerabilities (KEV)

While all vulnerabilities listed by CISA are critical and should be prioritized for patching, five vendors stand out from the rest with the most number of CVEs associated with their products. In this blog, we have taken a detailed look at top five vendors and the vulnerabilities that plague them.

Read More

Surojoy Gupta

Posted on Nov 22, 2021 | Updated on Sep 26, 2022 5 minutes

CISA Releases a Directive Asking Organizations to Patch Known Exploited Vulnerabilities

The DHS Cybersecurity and Infrastructure Security Agency (CISA) released a directive with a list of 834 known and exploited vulnerabilities that public sector entities and organizations need to patch immediately!

Read More

Surojoy Gupta, Priya Ravindran, Pavithra Shankar

Posted on Nov 15, 2021 | Updated on May 25, 2022 5 minutes

20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations

A directive recently released by the US government-backed Cybersecurity and Infrastructure Security Agency has a list of 703 known vulnerabilities that organizations have been asked to focus on patching immediately. Amongst them, 158 vulnerabilities have been identified as being exploited actively by various ransomware families. Read on to learn more about the vulnerabilities.

Read More

Surojoy Gupta

Posted on Oct 26, 2021 | Updated on Aug 23, 2022 3 minutes

Security Management: CVE-2021-36260, Patch this Hikvision Vulnerability.

The video surveillance giant Hikvision disclosed a zero-click vulnerability tracked as CVE-2021-36260, which has existed from at least 2016, according to researchers. The vulnerability that exists in Hikvision camera models is highly susceptible to remote hijacking without requiring a username or password. 

Read More

Pavithra Shankar