Ransomware Q2 & Q3 Report is live now!

Media Coverage

Everything You Need to Know About LockBit
Nov 2, 2022 | Aaron Sandeen

While the ransomware-for-hire group works to create ever more efficient exploits, companies can protect themselves with structured vulnerability management processes. Prioritize threats based on severity and risk.

Remaining Resilient in the Face of Cyberthreats – NCSAM
Oct 28, 2022 | Industry Today

These past few years have tested organizations across all industries resilience against cyberattacks. As news of data breaches continue to permeate the headlines, many businesses and consumers are asking themselves, “What can I do?” With this in mind, the 2022 theme for National Cybersecurity Awareness month is ‘See Yourself in Cyber,” because everyone has a role to play in the fight against cyber adversaries.

Cyber Security Works reveals 13 vulnerabilities have become newly associated with Ransomware
Oct 21, 2022 | VM Blog

13 new vulnerabilities have become associated with Ransomware in the past two quarters, and 10 out of 13 vulnerabilities have critical severity ratings. Over 49% of these vulnerabilities are trending as attackers are actively interested in them.

18 Ransomware vulnerabilities are not detected by popular scanners
Oct 21, 2022 | Times of India

Around 18 Ransomware vulnerabilities are not being detected by popular scanners, according to the latest Ransomware Spotlight Report published by Cyber Security Works....

Cyber Security Works reveals 13 vulnerabilities have become newly associated with Ransomware
Oct 21, 2022 | BusinessWire

Cyber Security Works (CSW) latest Ransomware Index Report reveals that 13 vulnerabilities have become newly associated with Ransomware in 2022 Q2 and Q3 taking the overall count to 323 vulnerabilities.

People Take Center Stage this National Cyber Security Awareness Month
Oct 21, 2022 | Cybersecurity Insiders

Ransomware and other cyberattacks have been used in a variety of ways throughout the year, underscoring the attackers’ growing technological sophistication and the threat to businesses throughout the globe.

A Cybersecurity Firm Assessed a State's Entire Education System, Finding Thousands of Security Risks
Sep 26, 2022 | The Journal

Cyber Security Works, an IT risk management company and partner agency of the U.S. Department of Homeland Security, recently conducted an assessment of an entire state’s public education system, analyzing the security posture across 180 school districts and charter schools.

What Is Patch Management?
Sep 16, 2022 | BuiltIn

How software patching can protect you, your customers and your organization.

5 safeguarding tips for schools this year
Sep 16, 2022 | ESchool News

Criminal cyber groups have made it abundantly clear that there is no type of organization they will not target–the more vulnerable they are, the easier it will be to victimize. Unfortunately for us, the organizations most at risk are often public institutions.

FBI and CISA Responded to a Cyber Attack and Ransomware Incident on Los Angeles School District (LAUSD)
Sep 16, 2022 | CPO Magazine

The Los Angeles Unified School District (LAUSD) suffered a cyber attack over the Labor Day holiday weekend, causing “significant disruption” to its digital infrastructure.

LAUSD Ransomware Attack: Action Too Little, Too Late?
Sep 14, 2022 | Security Boulevard

Going back to school in a pandemic after a long summer is frenetic enough without a ransomware attack disrupting educators’ best-laid plans. The Los Angeles Unified School District avoided just such a disruption after it discovered a ransomware incident Saturday night, September 3, 2022, just days before schools were set to open after the U.S. Labor Day holiday.

Everything You Need To Know About BlackCat (AlphaV)
Sep 8, 2022 | Aaron Sandeen

A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

AmiViz to offer Cyber Security Works AI-powered Attack Surface and Vulnerability Management solutions
Aug 25, 2022 | Security Middle East & Africa

Middle East region’s first enterprise B2B marketplace, AmiViz today announced that the company has signed a partnership with Cyber Security Works (CSW), a leading platform and services provider of predictive, AI-powered Attack Surface and Vulnerability Management solutions.

Ransomware Attacks Hit Two Out Of Three Organizations In 2021: Here’s What You Need To Know
Aug 23, 2022 | Forbes

The percentage of organizations hit with ransomware attacks jumped to 66% in 2021, representing a 29% year-over-year increase. As attacks become more complex and adversaries become more capable of deploying ransomware at scale, organizations have gotten better at dealing with the aftermath—but they’re still struggling to prevent attacks in the first place.

BlackCat Ransomware Gang Targets Luxembourg Energy Giant Creos
Aug 3, 2022 | Spiceworks.com

The news was officially made public by Creos’ parent company Encevo Group late last month after the BlackCat ransomware group claimed to have successfully targeted the Luxembourg-based energy company. While the energy supply to customers remains uninterrupted, the ransomware gang still has 150 GB of Creos data and is threatening to publish it online.

How security vulnerabilities pose risks for healthcare organizations
Jul 13, 2022 | Tech Republic

An analysis by Cyber SecurityWorks uncovered 624 vulnerabilities that cybercriminals could exploit to target healthcare facilities.

Aaron Sandeen Of Cyber Security Works On The 5 Things Every American Business Leader Should Do To Shield Themselves From A Cyberattack
Jun 29, 2022 | Authority Magazine

Understand your attack surface — Your attack surface is how a hacker sees your organization from the outside and includes details from the deep and dark webs. You need to continuously scan your known and unknown assets to identify any exposures, APIs, expired certificates, vulnerabilities in your technology stack, data leakage, open ports / protocols / services, non-production systems exposed to the public, assets potentially exposed to ransomware and much more.

Federal Government Invests in Cybersecurity; Experts React
Jun 25, 2022 | Vmblog

"The federal government's investments should help government agencies establish their security posture through proactive penetration testing and ongoing vulnerability management. Enterprises must repair the vulnerabilities that threat groups and attackers exploit in order to prevent catastrophe. To truly safeguard their organization from potential cyberattacks, leaders must enhance their cybersecurity visibility of known and unknowable assets, validate more frequently, and look for early warning capabilities as the world's cybersecurity issues grow."

CSW: Attackers Weaponize Vulnerabilities Days After Publishing
Jun 9, 2022 | SDX Central

Cyber Security Works (CSW) reported 22 new vulnerabilities associated with ransomware in the first quarter, a 7.6% spike since January, and the time window to patch before vulnerabilities are exploited is getting shorter.

The True Danger for Organizations: Unpatched Vulnerabilities
May 23, 2022 | Aaron Sandeen

It is no secret that 2021 saw an increase in cyberattacks all around the globe; specifically in critical infrastructure organizations. In October of that year, The U.S. Cybersecurity and Infrastructure Security Agency issued Alert AA21-287 in response to cyberattacks targeting the financial, gas, food and transportation sectors. The advisory was released to draw attention to infrastructure vulnerability and the facilities being targeted by hostile cyber activity. It seems that every year, new software comes out that should limit the number of ransomware attacks, but every year attacks seem to increase. Why is that?

Vulnerabilities Associated With Ransomware Up 7.6% in Q1 2022: Report
May 23, 2022 | Spiceworks.com

The Conti ransomware gang was associated with exploiting the most vulnerabilities — 19 of the 22 new ones. BlackCat, LockBit, and AvosLocker exploited the rest.

Ransomware gangs rely more on weaponizing vulnerabilities
May 20, 2022 | Bleeping Computer

Security researchers are warning that external remote access services continue to be the main vector for ransomware gangs to breach company networks but there's a notable uptick in exploiting vulnerabilities.

Ransomware vulnerabilities increase as Russia-linked activity surges
May 20, 2022 | Beta News

The first quarter of 2022 has seen a 7.6 percent increase in the number of vulnerabilities tied to ransomware, with 22 new ones discovered.

CSW Releases Q1 2022 Ransomware Report
May 20, 2022 | Industry Today

New threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022.

Ransomware Groups Continue to Leverage Old Vulnerabilities
May 20, 2022 | Health IT Security

Ransomware groups are continually going after old vulnerabilities and tried-and-true attack methods to exploit victims.

Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
May 19, 2022 | aiTechPark

New threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022.

Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
May 19, 2022 | VM Blog

New threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022.

Q1 2022 Ransomware Report Reveals 7.6% Increase in Vulnerabilities Tied to Ransomware
May 18, 2022 | BusinessWire

Q1 2022 Ransomware Report Reveals 7.6% Increase in Vulnerabilities Tied to Ransomware and Alarming Surge in Activity by Conti Ransomware Group. he report also revealed a 7.5% increase in APT groups associated with ransomware, 6.8% increase in actively exploited and trending vulnerabilities, and 2.5% increase in ransomware families.

The Colonial Pipeline ransomware attack a year on: 5 lessons for security teams
May 7, 2022 | Venture Beat

Today marks the one-year anniversary of the Colonial Pipeline ransomware attack, one of the biggest cyber attacks in recent history, where a threat actor named DarkSide used a single compromised password to gain access to the US’s largest pipeline operator’s internal systems.

The 6 steps to a successful cyber defense
May 4, 2022 | Helpnetsecurity

The Ransomware Spotlight Year-End Report from Ivanti, conducted in partnership with Cyber Security Works and Cyware, found that there is now a total of 157 ransomware families – an increase of 32 from the previous year.

Lapsus$ Hackers Breached T-Mobile Repeatedly and Downloaded Thousands of Source Code Repositories, Leaked Chats Show
May 2, 2022 | CPO Magazine

Leaked chats between Lapsus$ hackers revealed that the gang breached T-Mobile multiple times in March and copied thousands of source code repositories.

Managing Ransomware in 2022
Apr 12, 2022 | IT Social

The Ransomware Spotlight 2022 report is co-published by 3 players in the cybersecurity world: CSW, Cyware and Ivanti. It annually addresses ransomware threats. The latest trends on the subject, the weaknesses identified in the programs to the latest ways of proceeding to fraudulently enter an Information System (IS), everything is reported there.

Honoring Women’s History Month
Mar 24, 2022 | IndustryToday.com

Women’s History Month is celebrated in March to illuminate the unique experiences women go through. Check out CSW's Chief Financial Officer, Andrea Edmonds talk about her journey.

Tech Experts Share their Sentiments this Women's History Month
Mar 22, 2022 | Vmblog.com

March is Women's History Month, a time when women around the world are to be celebrated for their contributions to history, culture and society. However, while we've come a long way, women still struggle to receive the accolades, recognition, and opportunities that they deserve - particularly in the tech industry. In honor of Women's History Month, several technology leaders have shared what this means to them.

CSW acquires CYR3CON IP to provide organizations with predictive insights into exploitable vulnerabilities
Mar 17, 2022 | HelpNetSecurity

Cyber Security Works (CSW), recently acquired CYR3CON IP to give CSW a set of ‘early warning’ vulnerability and threat intelligence capabilities. CSW acquired the new company’s technology to leverage powerful artificial intelligence and dark web mining capabilities to accurately predict how weaponizable vulnerabilities will detonate in the wild and in customer environments.

CSW Acquires Early Warning Vulnerability and Threat Intelligence Organization for Predictive, Pre-Breach Insights Into Exploitable Vulnerabilities
Mar 16, 2022 | ITSecurityWire

Cyber Security Works (CSW), the leading platform and services provider of predictive, AI-powered Attack Surface and Vulnerability Management solutions, recently acquired an organization to give CSW a robust set of ‘early warning’ vulnerability and threat intelligence capabilities to continue the build-out of its unified threat and vulnerability management platform. The CYR3CON IP was originally developed with grants from Arizona State University (ASU) LightWorks and NEPTUNE, the U.S. Navy’s Office of Naval Research.

Albuquerque cybersecurity firm acquires Arizona machine learning startup
Mar 16, 2022 | BizJournals.com

After relocating its headquarters to Albuquerque from India, Cyber Security Works Inc. is boosting its capabilities — and workforce — with the acquisition of CYR3CON IP.

Cyber Security Works Acquires Threat Management Intellectual Property
Mar 15, 2022 | MSSP Alert

Cyber Security Works (CSW), an MSSP and attack surface and vulnerability management solutions provider, has acquired threat management intellectual property developed by CYR3CON. Financial terms of the deal were not disclosed.

CSW Acquires Early Warning Vulnerability and Threat Intelligence Organization for Predictive, Pre-Breach Insights Into Exploitable Vulnerabilities
Mar 15, 2022 | Vmblog.com

Cyber Security Works (CSW) recently acquired an organization to give CSW a robust set of ‘early warning' vulnerability and threat intelligence capabilities to continue the build-out of its unified threat and vulnerability management platform. The CYR3CON IP was originally developed with grants from Arizona State University (ASU) LightWorks and NEPTUNE, the U.S. Navy's Office of Naval Research.

After Declaring Support for Russian Invasion, Conti Ransomware Gang Hit With Data Leak
Mar 9, 2022 | CPO Magazine

War is hell, and attacks can come quickly and out of nowhere, as the Conti ransomware gang has learned. Only days after making a public pledge of support for the Russian government as it invades Ukraine, the group has experienced a data leak of tens of thousands of its internal chat messages.

Ukraine at D+11: Stalled advances, intense fires, and cyber ops.
Mar 9, 2022 | The Cyberwire

The chat logs show that Conti indeed suffered disruption when the US NSA and FBI took action against the gang's infrastructure, that Conti turned to a target list of US healthcare organizations as it reestablished itself, and that the gang was confident it wouldn't be interfered with by Russian authorities.

Women of Cyber: International Women's Day 2022
Mar 8, 2022 | EnterpriseSecurityTech.com

March 8 marks International Women’s Day, with this year’s theme being #BreakTheBias. Whether unconscious or not, bias makes it difficult for women to move ahead in the workforce, and it is up to everyone to level the playing field.

6 Cyber-Defense Steps to Take Now to Protect Your Company
Mar 4, 2022 | Threat Post

Ransomware is getting worse, but Daniel Spicer, chief security officer at Ivanti, offers a checklist for choosing defense solutions to meet the challenge.

February 2022 Security Update: Life After Log4j
Feb 26, 2022 | Devpro Journal

The year began with companies attempting to clean up after major exploitation of the critical Log4j vulnerability, a recap of 2021’s ransomware activity, and a new crop of security patches.

Meyer/Kitchenware Suffers Attack by Conti Ransomware Gang
Feb 25, 2022 | Enterprise Security Tech

Kitchenware company Meyer Corp. US recently reported that it suffered a breach targeting a wide array of data such as name, address, ethnicity, date of birth, gender, immigration status and more. Though Meyer did not disclose what form of ransomware was used, the Conti ransomware gang has taken credit for the attack.

Meyer suffers cyberattack by Conti ransomware
Feb 25, 2022 | Security Magazine

Kitchenware company Meyer Corp. revealed it suffered a data breach. The ransomware attack targeted company data, including names, addresses, ethnicity, date of birth, gender, immigration status and mor

Cyberattackers Cook Up Employee Personal Data Heist for Meyer
Feb 23, 2022 | ThreatPost

The Conti gang breached the cookware giant’s network, prepping thousands of employees’ personal data for consumption by cybercrooks.

32 new ransomware families in 2021, a 26 per cent YoY increase: Report
Jan 29, 2022 | Business Line

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups

Ransomware families becoming more sophisticated with newer attack methods
Jan 28, 2022 | Help Net Security

Ivanti, Cyber Security Works and Cyware announced a report which identified 32 new ransomware families in 2021, bringing the total to 157 and representing a 26% increase over the previous year.

Hackers continue to target zero-day vulnerabilities
Jan 27, 2022 | BetaNews

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups

Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities
Jan 27, 2022 | CXO Outlook

The report found that ransomware groups are continuing to target unpatched vulnerabilities and weaponize zero-day vulnerabilities in record time to instigate crippling attacks

Unpatched Vulnerabilities Most Exploited By Ransomware Gangs
Jan 27, 2022 | Ahmedabad Mirror

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups and in 2021, 65 new vulnerabilities tied to ransomware were discovered, representing a 29 per cent growth over 2020 and bringing the total number of vulnerabilities associated with ransomware to 288, a new report showed on Thursday.

Unpatched Vulnerabilities Most Exploited By Ransomware Gangs: Report
Jan 27, 2022 | Tassco

The report by US-based mostly IT software program agency Ivanti, carried out with Cyber Security Works and menace intelligence agency Cyware, additionally recognized 32 new ransomware households in 2021, bringing the full to 157 and representing a 26 per cent improve over the earlier 12 months.

Hackers Targeting Zero-Day Vulnerabilities and Supply Chain Networks: Report
Jan 27, 2022 | CXO Today

Ivanti, the provider of the Ivanti Neurons automation platform that discovers, manages, secures, and services IT assets from cloud to edge, today announced the results of the Ransomware Spotlight Year End Report that it conducted with Cyber Security Works, a Certifying Numbering Authority (CNA), and Cyware, the leading provider of Cyber Fusion, next-generation SOAR and threat intelligence solutions.

Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities
Jan 27, 2022 | Technuter

Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact. The report identified 32 new ransomware families in 2021, bringing the total to 157 and representing a 26% increase over the previous year.

Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities
Jan 27, 2022 | APN News

The report also revealed a 29% increase in CVEs associated with ransomware and a 26% increase in ransomware families in 2021 compared to the previous year.

Unpatched vulnerabilities most exploited by ransomware gangs: Report
Jan 27, 2022 | Daijiworld.com

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups and in 2021, 65 new vulnerabilities tied to ransomware were discovered, representing a 29 per cent growth over 2020 and bringing the total number of vulnerabilities associated with ransomware to 288, a new report showed on Thursday.

Ivanti report finds 32 new ransomware families appeared in 2021
Jan 26, 2022 | SiliconANGLE

Ivanti report finds 32 new ransomware families appeared in 2021

Ransomware Spotlight Year End 2021 Report (Ivanti)
Jan 26, 2022 | The Cyberwire

Read this report analyzing the increased sophistication of ransomware groups and increased volume of ransomware attacks. Stay informed on how ransomware groups are broadening their attack spheres and finding newer ways to compromise organizational networks and fearlessly trigger high-impact assaults.

Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact
Jan 26, 2022 | BusinessWire

The report also revealed a 29% increase in CVEs associated with ransomware and a 26% increase in ransomware families in 2021 compared to the previous year

Unpatched vulnerabilities most exploited by ransomware gangs: Report
Jan 26, 2022 | The Siasat Daily

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups and in 2021, 65 new vulnerabilities tied to ransomware were discovered, representing a 29 per cent growth over 2020 and bringing the total number of vulnerabilities associated with ransomware to 288, a new report showed on Thursday.

Cybersecurity’s challenge for 2022 is defeating weaponized ransomware
Jan 26, 2022 | January 26, 2022 | Venture Beat

Ransomware attack strategists continue to target zero-day vulnerabilities, execute supply chain attacks, fine-tune vulnerability chaining, and search for vulnerabilities in end-of-life products to improve the odds their ransomware attacks will succeed.

Ivanti report finds 32 new ransomware families appeared in 2021
Jan 26, 2022 | Silicon Angle

A new report has found that 32 new ransomware families appeared in 2021, bringing the total to 157, a 26% increase over the previous year.

Hackers continue to target zero-day vulnerabilities
Jan 26, 2022 | Betanews

Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups, according to a new report.

Dialog Enterprise Partners with TekSek & CSW
Jan 20, 2022 | Dialog

Dialog Enterprise, the corporate solutions arm of Dialog Axiata PLC, recently announced its partnership with acclaimed cybersecurity solutions provider Cyber Security Works (CSW) & TekSek Cyber Security to bring the latest in world-class IT & OT security services to enterprises in Sri Lanka.

Vulnerabilities associated with ransomware increased 4.5% in Q3 2021
Nov 10, 2021 | Help Net Security

Ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021, a report by Ivanti, Cyber Security Works and Cyware reveals.

Cyber Security Report reveals increase in Ransomware Threats
Nov 10, 2021 | Times of India

A new report on cyber security has revealed that ransomware groups are continuing to grow in “sophistication, boldness, and volume”, with numbers up across the board since the second quarter of the year.

12 New Flaws Used in Ransomware Attacks in Q3
Nov 9, 2021 | Threat Post

The Q3 2021 report revealed a 4.5% increase in CVEs associated with ransomware and a 3.4% increase in ransomware families compared with Q2 2021.

Vendors Issue Security Advisories for OpenSSL Flaws
Oct 4, 2021 | Mihir Bagwe

Several companies that use the OpenSSL cryptography library toolkit are reportedly scrambling to release security advisories to their users following patching of two vulnerabilities in the library, which were first fixed and disclosed to users on Aug. 24.

Chennai-based CSW receives New Mexico State Funding
Oct 1, 2021 | Times of India

Chennai-based Cyber Security firm Cyber Security Works has been selected by New Mexico's Job Training Incentive Program board to receive $411,390 through state funding to hire and train employees in Albuquerque, New Mexico.

Indian Organizations Among Most Targeted for Ransomware; Most Pay Ransom
Sep 8, 2021 | CISO Mag

In its Q2 Index Update, Cyber Security Works reveals new vulnerabilities in the ransomware arsenal. Its research shows that six vulnerabilities have become associated with seven ransomware strains; among them are the infamous Darkside, Conti, FiveHands, and the newly christened, Qlocker.

Ransomware Vulnerabilities That Could Bring Down Your Organization
Sep 6, 2021 | CISO Mag

Today, 266 vulnerabilities are associated with ransomware, and attackers are increasingly exploiting these weaknesses to launch devastating ransomware attacks. Therefore, identifying and remediating these vulnerabilities needs to be a critical priority for organizations if they wish to remain safe from ransomware attacks.

Cyber Security Works launches Flag Runner hackathon for College Students
Aug 17, 2021 | Times of India

Cyber Security Works (CSW), a US-based cybersecurity service has just launched its second online hackathon Flag Runner Chapter 2 for final year college students....

Synology NAS Devices Targeted by StealthWorker Botnet
Aug 11, 2021 | Data Breach Today

Taiwan-based network-attached storage device manufacturer Synology says the StealthWorker botnet is targeting its products with brute force attacks that could lead to ransomware intrusions.

Sri Lanka’s future lies in its cybersecurity
Aug 9, 2021 | Nation.IK

Digital security is now becoming as important as physical security. This isn’t really a new development, the world has been worrying about cybersecurity for some time, but with Sri Lanka finally having caught up to the rest of the world in living a significant part of their lives online, cybersecurity is now more of a concern than ever, especially for the business world.

JTIP Funds to support 190 jobs in July
Jul 27, 2021 | Albuquerque Journal

New Mexico’s Job Training Incentive Program board has approved around $1.3 million in funding to support 190 trainees at seven New Mexico companies in July, according to the state Economic Development Department.

After merger, cybersecurity firm relocates to Albuquerque to be near an early customer
Jul 21, 2021 | Albuquerque Business First

Cyber Security Works recently submitted a request for $411,390 in Job Training Incentive Program money for 13 trainees, according to documents provided by the New Mexico Economic Development Department.

The Vulnerabilities that Open the Door to Ransomware
Jun 15, 2021 | CISO Mag

The recent spate of ransomware attacks could have been avoided. If the concerned organizations had remediated vulnerabilities that are associated with ransomware, they could have shrunk their attack surface.

Time to stem Ransomware attacks
May 19, 2021 | The Hans India

A ransomware attack on one of the largest oil pipelines of the US, Colonial Pipeline, last week shows the vulnerabilities of global establishments to various cyberthreats.

Adversaries on a Vaccine Trail
Apr 1, 2021 | CISO Mag

CSW research about global Pharma companies that are engaged in COVID research to find how susceptible they are to cyber attacks.

Ransomware attacks rise in 2020, SaaS apps are the new target: Report
Feb 28, 2021 | Hindustan Times Tech

The year 2020 saw a growth in cybercrimes targeting individuals, businesses, and governments around the world. A new report sheds more light on the cybersecurity perils, especially on the ransomware front.

What We Can Learn From The LK Domain Registry Hack
Feb 26, 2021 | RoarMedia

You may recall a recent uproar on social media, shortly after Independence Day, when the google.lk domain appeared to have been defaced, redirecting users to a site that detailed ongoing social issues. At first, it seemed like the typical website defacement that has been known to take place around important dates on the Sri Lankan calendar (not that this is something to be relieved about). Upon digging further, however, the situation appeared to be more dire than initially suspected.

Software-as-a-service applications emerge as new target for ransomware, report reveals
Feb 13, 2021 | The Hindu

Software-as-a-service (SaaS) applications have emerged as a new target for ransomware, and had the highest count of vulnerabilities that were seen trending with active exploits.

Ransomware attacks rose by 31% amid pandemic: Report
Feb 12, 2021 | New Indian Express

There has been a 31 per cent increase in ransomware attacks — which involve malware that encrypt files and hold the owner to ransom to access their data — in India amid the pandemic in 2020, according to a report by Chennai-based Cyber Security Works (CSW), a leader in Attack Surface Management (ASM) and an official CVE Numbering Authority (CNA), along with RiskSense.

The Moment of Reckoning? Inside Sri Lanka’s LK Domain Registry Breach
Feb 10, 2021 | Articulate

A deeper investigation has revealed further startling evidence. Although initially framed as a breach that occurred on 6th February, it can be exclusively shared that Admin Usernames and Passwords were available on the Criminal Dark Web as far back as 2012 and potentially even earlier.

Chennai firm allowed to validate bugs, software flaw
Nov 30, 2020 | The Hindu

Cyber Security Works (CSW), a firm based out of the IIT Madras Research Park, has been named a CVE Numbering Authority.

Chennai firm becomes CVE naming authority
Nov 6, 2020 | New Indian Express

Chennai-based Cyber Security Works (CSW) has gained the reputation of being the second Indian company to become a Common Vulnerabilities and Exposure (CVE) naming authority. So, what does this mean for the organisation? Thousands of bug bounty hunters in India and Asia can come to CSW with their findings and get a CVE ID after validation and earn cash rewards.

How fear of Covid pandemic became fodder for phishing attack
Jul 7, 2020 | Times of India

The Covid-19 pandemic isn’t just real, it’s virtual as well. Earlier, this week, the Indian Computer Emergency Response Team (CERT-In), an office within the Ministry of Home Affairs, issued an advisory regarding a potential ‘cyber offensive attack from the Chinese army’.

Virtually preying on fear of the pandemic
Jul 6, 2020 | Times of India

A report released in April by Chennai-based Cyber Security Works analysed 4,829 vulnerabilities spanning across technologies from 1999 to February 2020.