Download Ransomware Q2 Index Update

Vulnerabilities Blogs

Stay tuned with the latest news and updates from cyber security ecosystem.

Posted on 19th Jul, 2021 | By Priya Ravindran 3 minutes

Solarwind Attackers at It Again in Back-to-Back Campaigns

Nobelium, the APT group behind the infamous SolarWinds attack, has resurfaced in two recent campaigns against US-based IT companies and government organizations. Check out CSW’s analysis about 18 vulnerabilities used by the group to exploit and infiltrate their targets.

Read More

Posted on 14th Jul, 2021 | By Surojoy, Priya 3 minutes

New Threat Group Agrius Exploits Old Fortinet VPN Vulnerabilities

New APT Group Agrius is exploiting Fortinet’s vulnerabilities to attack their targets. Shodan results show 56000 target assets around the world that could be vulnerable to an attack. Check out our analysis for more information.

Read More

Posted on 8th Jul, 2021 | By Surojoy, Priya 4 minutes

Back-to-back Air India Attacks indicating more than just a data breach?

The Airline industry is on the brink of a supply-chain attack from threat groups like APT41. According to our research findings, there are 20 vulnerabilities associated with the APT41 threat group.

Read More

Posted on 2nd Jul, 2021 | By Pavithra Shankar 3 minutes

How to detect CVE-2021-34527?

CSW Pentester’s have released a script to detect the Windows Print Spooler Remote Code Execution Vulnerability. Running the script can help organizations detect connected devices that could be vulnerable to exploits.

Read More

Posted on 31st May, 2021 | By Priya Ravindran 3 minutes

CVE-2021-21985: Patch this Trending VMware Vulnerability

On the 25th of May 2021, VMware published an advisory warning of two vulnerabilities - CVE-2021-21985 and CVE-2021-21986 - in their vCenter Server and Cloud Foundation products.

Read More

Posted on 2nd Mar, 2021 | By Sumeetha 3 minutes

Google Trends: Most searched top 10 vulnerabilities in 2020

CSW experts compiled the list of vulnerabilities that were highly searched in Google and came up with top 10 CVEs.

Read More

Posted on 2nd Dec, 2020 | By Pavithra Shankar 5 minutes

Fortinet’s 50,000 VPN Leak Highlights Lack of Cyber Hygiene

A threat hacker group named “Pumpedkicks” has leaked credentials for 50,000 Fortinet VPN devices that impact 140 countries around the world. Check out CSW’s analysis and recommendations for this vulnerability.

Read More

Posted on 6th Nov, 2020 | By Pavithra Shankar 7 minutes

Top 25 Vulnerabilities Exploited by Chinese Sponsored Hackers

The National Security Agency listed 25 vulnerabilities that are being targeted by Chinese state sponsored cyber attackers popularly known as APT41. Know more about these vulnerabilities and patch them before you fall prey to a breach.

Read More

Posted on 5th Aug, 2020 | By Sumeetha 3 Minutes

WastedLocker Ransomware Attack: Indicators of compromise (IOCs)

Evil Corp used compromised legitimate websites to deliver ransomware in Garmin’s environment. The attack caused a 5-day outage for their product users. CSW Analysts have put together a list of domains, hashes, IOCs that have been compromised. Download the list to update your IPS/IDS and avoid being attacked.

Read More

Posted on 15th Jul, 2020 | By Sumeetha 5 Minutes

Atlassian’s new features and the Shift Left Revolution

All scanners list out security vulnerabilities but does the developer know what to fix first and how to go about it?

Read More