News - Securin

Dec 16, 2020

Securin’s Analysis of SolarWinds: Top Scanners Miss Several Vulnerabilities

The massive breach of SolarWinds Network Management product has compromised as many as 18,000 organizations outside of U.S Government entities, security agencies, defense entities. We took a closer look at the weaknesses that exist in other SolarWinds products and found that top scanners miss most of the vulnerabilities.

Dec 15, 2020

Vulnerability Analysis: SolarWinds Orion Network Management

SolarWinds disclosed on Dec 13 that vulnerabilities in their network management tool Orion was used to mount attacks on FireEye and on several Government agencies. CSW analyzed Orion’s 15 Vulnerabilities and has found that CVE-2019-9546 – with a known critical Privilege Execution Exploit needs immediate remediation along with an upgrade to Orion Platform version 2020.2.1 HF.1.

Dec 2, 2020

Fortinet’s VPN Leak Highlights the Lack of Cyber Hygiene

A threat hacker group named “Pumpedkicks” has leaked credentials for 50,000 Fortinet VPN devices that impact 140 countries around the world.

Nov 2, 2020

Ryuk raising the Temperature in Healthcare

Security Agencies CISA (Cybersecurity and Infrastructure Security Agency), FBI, and the Department of Health and Human Services (HHS) have issued a high alert joint security advisory to hospitals to take actions to secure themselves from Ryuk ransomware in particular.

Oct 15, 2020

Cyber Hygiene: Ransomware is Causing Critical Care Disruption in Hospitals

We analyzed three ransomware incidents (Ryuk, Revil & AKO) and found 16 CVEs associated with them. Incidentally, CSW warned about five of these CVEs in our cyber risk series way back in March 2020!

Aug 30, 2020

India’s Cybersecurity Policy: Disclosure of Data Breaches

Will the new national cybersecurity policy include a disclosure policy similar to what the west has?

Aug 5, 2020

WastedLocker Ransomware Attack: Indicators of Compromise (IOCs)

Evil Corp used compromised legitimate websites to deliver ransomware in Garmin’s environment. The attack caused a 5-day outage for their product users. CSW Analysts have put together a list of domains, hashes, IOCs that have been compromised. Download the list to update your IPS/IDS and avoid being attacked.

Attack Surface Management

Vulnerability Intelligence

Vulnerability Management

Penetration Testing

PARTNERS

RESOURCES

WHO WE ARE

CAREERS