Securin Articles

Read about the latest news & updates in cybersecurity.
Read Securin experts' insights when they revisited HIVE and their attack tactics and techniques, and what organizations can do to remain safe from future attacks.
As the world still reels under the impact of the Ukraine-Russia cyberwar, yet another Cyberwar has started between Iran and Albania. Securin's experts provide insights into Iranian threats that organizations need to watch out for.
Did you know hackers can exploit 125 weaponized vulnerabilities in VPN products to attack their targets? Securin analysts deep dive into exposures in VPNs that could compromise organizational networks.
In this blog, CSW experts analyzed CISA’s Known Exploited Vulnerabilities (KEV) list for latencies in publishing, exploiting, and patching to understand how fast attackers are weaponizing them for attacks.
Conti has been one of the most prolific ransomware groups in 2022. Organizations need to prioritize patching for these vulnerabilities in order to avoid large-scale attacks.
Cybersecurity is a priority in education due to the lack of resources and continual ransomware attacks. CISA’s new K-12 Cybersecurity Act will research and develop tools to help schools become more secure against cyberattacks.
The United States Cyber Command and Cybersecurity Infrastructure Security Agency (CISA) rang the warning bells for companies to patch a critical vulnerability (CVE-2021-26084) in the Atlassian Confluence Server and Data Center. Here is our analysis about this vulnerability.
CSW Pentester’s have released a script to detect the Windows Print Spooler Remote Code Execution Vulnerability. Running the script can help organizations detect connected devices that could be vulnerable to exploits.
REvil Ransomware uses six vulnerabilities to target their victims and if these had been remediated and patched on priority, JBS - the world’s largest meat packer could have escaped this attack. CSW warned about these vulnerabilities in its Ransomware Spotlight Report published in February 2021.
In our recently published Ransomware Spotlight report 2020 we tracked down vulnerabilities that are being used by Ransomware to launch attacks on organizations worldwide. Here are a few surprising findings about old vulnerabilities in this report
This women’s day, we spoke to a few inspiring women executives who are breaking the myth and are soaring high. They are skilled, motivated, and talented and they come from different geographies, backgrounds but are united by their passion for cybersecurity. 
SolarWinds disclosed on Dec 13 that vulnerabilities in their network management tool Orion was used to mount attacks on FireEye and on several Government agencies. CSW analyzed Orion’s 15 Vulnerabilities and has found that CVE-2019-9546 – with a known critical Privilege Execution Exploit needs immediate remediation along with an upgrade to Orion Platform version 2020.2.1 HF.1.
Security Agencies CISA (Cybersecurity and Infrastructure Security Agency), FBI, and the Department of Health and Human Services (HHS) have issued a high alert joint security advisory to hospitals to take actions to secure themselves from Ryuk ransomware in particular.
Evil Corp used compromised legitimate websites to deliver ransomware in Garmin’s environment. The attack caused a 5-day outage for their product users. CSW Analysts have put together a list of domains, hashes, IOCs that have been compromised. Download the list to update your IPS/IDS and avoid being attacked.
CVE-2020-5902 is a critical remote code vulnerability that was discovered in the F5 Networks Big-IP administrative interface. From discovery to mitigation, see how things unfolded and check out CSW’s script to detect this vulnerability in Big-IP products.
Travelex fell prey to a ransomware attack (on New Year’s Eve) because they failed to install a patch issued by their VPN - Pulse Secure. How safe are our VPNs? Let's find out.
Systems, infrastructure, and sensitive information that were recentl viewed within the secure walls of one’s office is now being accessed through insecure connections and unsafe laptops from one’s home.
Today, the reliance on applications such as web proxy, remote conferencing, VPNs, etc. are at an all-time high which is yet another reason for threat actors to work overtime to exploit vulnerabilities.
With the recent breaches in Zoom application and increasing instances of ‘zoombombing’ and data theft, a definitive study of popular online video conferencing tools was needed. Take a read.