Vulnerabilities Blogs

Stay tuned for the latest news and updates from the cyber security ecosystem.

Posted on 8th Oct, 2021 | By Pavithra Shankar 3 minutes

CVE-2021-41773 & CVE-2021-42013: Apache Web Servers are Vulnerable, Patch Now!

On October 4, 2021, Apache announced fixes for a couple of vulnerabilities, including a zero-day flaw that affects Apache HTTP Server version 2.4.49—a widely used open-source, cross-platform web server for Unix and Windows.

Posted on 5th Oct, 2021 | By Pavithra Shankar 3 minutes

CISA & FBI : Zoho Flaws Being Actively Exploited, Patch Now

The FBI, CISA, and the Cyber Guard (CGCYBERs) warned of a serious vulnerability (CVE-2021-40539) in a Zoho single sign-on and password management solution. State Advanced Persistent Threat (APT) actors are actively scanning the internet for vulnerable servers.

Posted on 29th Sep, 2021 | By Surojoy Gupta 3 minutes

A 15-year-old Vulnerability Exposes Linux to Privilege Escalation Attacks

A critical security flaw in the Linux kernel went unpatched for 15 years till attackers used it to gain local privilege escalation, escape the Kubernetes pod and obtain root privileges on Linux systems. Read our analysis where we look into the vulnerability’s characteristics and the impact it can have.

Posted on 28th Sep, 2021 | By Surojoy Gupta 4 minutes

Critical OpenSSL Vulnerabilities affecting Linux and NAS devices

Two OpenSSL vulnerabilities, one remote code execution and one denial-of-service, were discovered by network-attached storage device manufacturers Synology and QNAP. The fear of a ransomware attack leveraging the vulnerabilities still remains high. Here is our analysis of the vulnerabilities.

Posted on 27th Sep, 2021 | By Surojoy Gupta 4 minutes

Critical VMware Vulnerability: Patch CVE-2021-22005 Now!

On September 21, 2021, VMware published an advisory warning of nineteen vulnerabilities in their vCenter Server. Of the nineteen vulnerabilities, one CVE stands out as being extremely critical and having the potential to be exploited by ransomware: CVE-2021-22005.

Posted on 11th Sep, 2021 | By Pavithra Shankar 5 minutes

CVE-2021-26084: Patch the Confluence Servers Now!

The United States Cyber Command and the Cybersecurity and Infrastructure Security Agency (CISA) rang the warning bells for companies to patch a critical vulnerability (CVE-2021-26084) in the Atlassian Confluence Server and Data Center. Here is our analysis of this vulnerability.

Posted on 11th Aug, 2021 | By Surojoy Gupta 3 minutes

Critical SolarWinds Serv-U FTP Flaw Exploited by New Chinese Threat Group

The US defense industrial base sector and many organizations from critical industries, such as software and healthcare, were recently affected by an unpatched critical remote code execution flaw in the SolarWinds Serv-U FTP server software that was exploited by a new Chinese threat group. What was the impact of the attack? Read our analysis to find out.

Posted on 3rd Aug, 2021 | By Surojoy Gupta 3 minutes

Indexsinas SMB Worm Exploits EternalBlue Vulnerabilities

Although the flaws were patched four years ago, the self-propagating Indexsinas SMB worm shows that Windows servers are still vulnerable to the infamous NSA EternalBlue exploits and can be used for crypto-mining. Here is our analysis of these vulnerabilities and their present exposure.

Posted on 19th Jul, 2021 | By Priya Ravindran 3 minutes

SolarWinds Attackers at It Again in Back-to-Back Campaigns

Nobelium, the APT group behind the infamous SolarWinds attack, has resurfaced in two recent campaigns against US-based IT companies and government organizations. Check out CSW’s analysis of 18 vulnerabilities used by the group to exploit and infiltrate their targets.

Posted on 14th Jul, 2021 | By Surojoy, Priya 3 minutes

New Threat Group Agrius Exploits Old Fortinet VPN Vulnerabilities

New APT Group Agrius is exploiting Fortinet’s vulnerabilities to attack their targets. Shodan results show 56000 target assets around the world that could be vulnerable to an attack. Check out our analysis for more information.

Posted on 8th Jul, 2021 | By Surojoy, Priya 4 minutes

Back-to-back Air India Attacks: Indicating More Than Just a Data Breach?

The airline industry is on the brink of a supply-chain attack from threat groups like APT41. According to our research findings, there are 20 vulnerabilities associated with the APT41 threat group.

Posted on 2nd Jul, 2021 | By Pavithra Shankar 3 minutes

How to detect CVE-2021-34527?

CSW pentesters have released a script to detect the Windows Print Spooler Remote Code Execution Vulnerability. Running the script can help organizations detect connected devices that could be vulnerable to exploits.

Posted on 31st May, 2021 | By Priya Ravindran 3 minutes

CVE-2021-21985: Patch this Trending VMware Vulnerability

On the 25th of May 2021, VMware published an advisory warning of two vulnerabilities - CVE-2021-21985 and CVE-2021-21986 - in their vCenter Server and Cloud Foundation products.

Posted on 2nd Mar, 2021 | By Sumeetha 3 minutes

Google Trends: Most searched top 10 vulnerabilities in 2020

CSW experts compiled the list of vulnerabilities that were heavily searched on Google and came up with the top 10 CVEs.

Posted on 2nd Dec, 2020 | By Pavithra Shankar 5 minutes

Fortinet’s 50,000 VPN Leak Highlights Lack of Cyber Hygiene

A hacker group named “Pumpedkicks” has leaked credentials for 50,000 Fortinet VPN devices that impact 140 countries around the world. Check out CSW’s analysis and recommendations for this vulnerability.

Posted on 6th Nov, 2020 | By Pavithra Shankar 7 minutes

Top 25 Vulnerabilities Exploited by Chinese Sponsored Hackers

The National Security Agency listed 25 vulnerabilities that are being targeted by Chinese state-sponsored cyber attackers popularly known as APT41. Learn more about these vulnerabilities and patch them before you fall prey to a breach.

Posted on 5th Aug, 2020 | By Sumeetha 3 Minutes

WastedLocker Ransomware Attack: Indicators of compromise (IOCs)

Evil Corp used compromised legitimate websites to deliver ransomware in Garmin’s environment. The attack caused a 5-day outage for their product users. CSW analysts have put together a list of domains, hashes, and IOCs that have been compromised. Download the list to update your IPS/IDS and avoid being attacked.

Posted on 15th Jul, 2020 | By Sumeetha 5 Minutes

Atlassian’s new features and the Shift Left Revolution

All scanners list security vulnerabilities, but does the developer know what to fix first and how to go about it?
