Media Coverage

Securin media coverage including news from when we were Cyber Security Works (CSW) Inc.

Ransomware Crews Aggressively Capitalizing on Old, Open Source Vulnerabilities, Study Finds – MSSP Alert

Feb 17, 2023 |
MSSP Alert
In the last quarter of 2022 alone, aggressive ransomware groups exploited 21 of 180 vulnerabilities already known to be associated with digital hijacking, a joint report issued by cybersecurity providers Cyber Security Works (CSW), Ivanti, Cyware and Securin found.

Three Quarters of Vulnerabilities Currently Exploited by Ransomware Groups were Discovered Before 2020

Feb 17, 2023 |
Continuity Central
The importance of a strong patch management strategy has been highlighted by a new report which shows that the majority of vulnerabilities used by ransomware actors have been known about for years.

Ransomware Hackers are Delving into the Archives for Some Old-School Attacks

Feb 17, 2023 |
Tech Radar
Ransomware hackers are delving into the archives, looking for old vulnerabilities that could be exploited in new attacks, experts have claimed.

Ransomware Attackers Finding New Ways to Weaponize Old Vulnerabilities

Feb 16, 2023 |
Venture Beat
Ransomware attackers are finding new ways to exploit organizations’ security weaknesses by weaponizing old vulnerabilities.

76% of Vulnerabilities Currently Exploited by Ransomware Groups Were Discovered Before 2020, Report Finds

Feb 16, 2023 |
A new report from Cyber Security Works (CSW), Ivanti, Cyware, and Securin reveals the devastating toll that ransomware had on organizations globally in 2022. The study, 2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management, identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022-marking a 19% increase year-over-year.

Ransomware Actors Increasingly Weaponizing Old Vulnerabilities

Feb 16, 2023 |
Tech Target Security
A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws initially discovered between 2010 and 2019.

Cybersecurity Experts Provide Insights for Safer Internet Day

Feb 7, 2023 |
Cybersecurity Insiders
Cyber threats have already plagued January of 2023, causing organizations to invest more than ever in protective measures. The average cost of a data breach in 2022 was $4.35 million, and ransomware attacks cost organizations an average of $4.84 million, which does not account for the personal losses some cyber attacks have caused.

Safer Internet Day 2023: 18 Experts Share Best Practices for Online Safety

Feb 7, 2023 |
Online safety has never been more important, with so much of our personal and professional data available on the internet today. Each year, millions of people come together to spread awareness and celebrate Safer Internet Day on Feb 7th.

Industry Thought Leaders Provide Insights for Safer Internet Day 2023

Feb 7, 2023 |
Safer Internet Day is an annual event that is being celebrated today, February 7, 2023. With the rapid growth of the internet and its increasing usage in every aspect of our lives, it has become crucial to promote a safe and secure online environment for all.

Looking into Proactive Security: Are Vulnerability Scanners Failing You?

Feb 7, 2023 |
Enterprise Security Tech
News is breaking that cybercriminals are actively exploiting a two-year-old VMware vulnerability as part of a large scale ransomware campaign targeting thousands of organizations worldwide.

Massive Ransomware Campaign Affects Over 3,200 VMware Servers Worldwide

Feb 7, 2023 |
Enterprise Security Tech
News is breaking that cybercriminals are actively exploiting a two-year-old VMware vulnerability as part of a large scale ransomware campaign targeting thousands of organizations worldwide.

New Ransomware Exploits VMware ESXi Vulnerability

Feb 6, 2023 |
The Cyber Wire
France’s Computer Emergency Response Team (CERT-FR) and Italy’s National Cybersecurity Agency (ACN) have both warned of a widespread ransomware campaign that’s exploiting a vulnerability in VMware ESXi servers.

The Evolution of Cybersecurity Services

Jan 26, 2023 |
Momentum Cyber
Welcome to Momentum Cyber’s special report on the evolution of cybersecurity services. There has never been a more exciting time for this sector of the market. Google Cloud’s $5.4 billion acquisition of Mandiant, one of two public cybersecurity companies with significant services revenue, was a signature move that will impact the entire industry for years to come. This special report focuses on the impact of this deal on the industry and what to expect next.

How Will a Recession Affect CISOs?

Jan 10, 2023 |
Security Week
Is the United States heading toward a recession? If we are, then profits will dip, and belts will be tightened while we wait for the government to turn things round. Most, but not all, businesses will survive; but all will be affected.

Industry Experts Share Their Security Predictions for 2023

Jan 4, 2023 |
Cyber Defense Magazine
It’s no surprise that security is a major topic of conversation, with cyberattacks of all kinds increasing in frequency year after year. In today’s threat environment, it’s important that businesses are on top of the trends and know what they need to look out for, both now and down the road. So we’ve collected commentary from experts in the cybersecurity field sharing their predictions for 2023.

Succeeding with Cybersecurity: Challenges and Opportunities for 2023

Jan 3, 2023 |
Spice Works
The last few years have been rough on cybersecurity professionals. With each passing month, the threat environment has intensified. Aaron Sandeen, the co-founder of CSW, analyzes quick statistics to illustrate the expected cybersecurity trends in 2023.

2023 Cybersecurity Predictions Round Up: Experts From Within The Industry Share Security Concerns

Jan 3, 2023 |
Enterprise Security Tech
Part of of the 2023 cybersecurity prediction series, Aaron Sandeen shares his thoughts and concerns on the security industry.

The Need for Predictive Intelligence in Cybersecurity for 2023

Jan 2, 2023 |
CSW CEO, Aaron Sandeen, and other industry experts share their predictions for 2023. Read them in this 15th annual predictions series.

Adobe, Apple, Cisco, Microsoft Flaws Make Up Half of KEV Catalog

Dec 30, 2022 |
Dark Reading
CISA’s Known Exploited Vulnerabilities Catalog has become a valuable repository of vulnerabilities to be patched. A pair of reports analyze the vulnerabilities under attack to understand the kind of threats organizations should be prioritizing.

How to Protect the Digital Landscape in 2023

Dec 9, 2022 |
Organizations are increasingly cautious in regard to navigating the economic downturn. Increased inflation and reduced expenses are causing many to take a close look at the budgets for cybersecurity in the face of growing complexities of the cyber attack landscape.

Four Tips for Health-Care Providers to Stay Cyber Secure

Nov 27, 2022 |
Cyber Defense Magazine
The number of attacks aimed at the health-care industry has increased significantly during the past few years. Health-care institutions are ‌vulnerable to cyberattacks because they have access to highly valuable information, in terms of money and intelligence, sought after by nation-state actors and cybercriminals.

Ransomware Threats Grow as New Vulnerabilities and Threat Actors are Identified

Nov 21, 2022 |
Cybersecurity Insiders
Since our last ransomware report earlier this year, both the severity and complexity of attacker tactics continue to grow as we head into the final quarter of 2022. The total number of ransomware vulnerabilities out there has climbed to 323. It is about a 450% increase since ransomware became a prevalent threat in 2019.

CISA: Hive Ransomware has Netted More than $100 Million from Over 1,300 Victims

Nov 18, 2022 |
The Record
The Hive ransomware group has brought in more than $100 million from attacks on more than 1,300 companies worldwide from June 2021 to November 2022, according to a new joint report from several U.S. agencies.

Everything You Need to Know About LockBit

Nov 2, 2022 |
Dark Reading
While the ransomware-for-hire group works to create ever more efficient exploits, companies can protect themselves with structured vulnerability management processes. Prioritize threats based on severity and risk.

Remaining Resilient in the Face of Cyberthreats – NCSAM

Oct 28, 2022 |
Industry Today
These past few years have tested organizations across all industries resilience against cyberattacks. As news of data breaches continue to permeate the headlines, many businesses and consumers are asking themselves, “What can I do?” With this in mind, the 2022 theme for National Cybersecurity Awareness month is ‘See Yourself in Cyber,” because everyone has a role to play in the fight against cyber adversaries.

See Yourself in Cyber – The Human Element is Crucial

Oct 26, 2022 |
Cyber Protection Magazine
Cybersecurity Awareness Month is coming to an end, and with this year’s focus on the human element of cybersecurity, we collected another round of expert commentaries from the industry.

Cybersecurity Awareness Month: See Yourself In Cyber

Oct 26, 2022 |
This October is Cybersecurity Awareness Month, a month dedicated to keeping individuals and companies safe online as threats become increasingly widespread. This year’s theme, “See Yourself in Cyber,” emphasizes the human aspect of cybersecurity. 

18 Ransomware Vulnerabilities are not Detected by Popular Scanners

Oct 21, 2022 |
Times of India
Around 18 Ransomware vulnerabilities are not being detected by popular scanners, according to the latest Ransomware Spotlight Report published by Cyber Security Works.

Cyber Security Works Reveals 13 Vulnerabilities have become Newly Associated with Ransomware

Oct 20, 2022 |
13 new vulnerabilities have become associated with Ransomware in the past two quarters, and 10 out of 13 vulnerabilities have critical severity ratings. Over 49% of these vulnerabilities are trending as attackers are actively interested in them.

Ransomware Vulnerabilities Soar as Attackers Look for Easy Targets

Oct 20, 2022 |
Venture Beat
In the latest Ransomware Index Report Q2-Q3 2022, published today, identifies which vulnerabilities lead to ransomware attacks and how quickly undetected ransomware attackers work to take control of an entire organization.

This Week in IT: Gartner IT Symposium, Ransomware, Google Workspace feature, Windows Terminal

Oct 20, 2022 |
My Tech Decisions
A new report from Ivanti, Cyber Security Works and Cyware found that ransomware has exploded since 2019, increased by nearly 470%. Ransomware groups are growing in volume and sophistication, with groups leveraging 35 vulnerabilities in the first three quarters of 2022.

People Take Center Stage this National Cyber Security Awareness Month

Oct 10, 2022 |
Cybersecurity Insiders
Ransomware and other cyberattacks have been used in a variety of ways throughout the year, underscoring the attackers’ growing technological sophistication and the threat to businesses throughout the globe.

Noberus Amps Its Tactics: How IT Leaders Can Keep Up with Evolving Ransomware

Sep 29, 2022 |
Information Week
Ransomware descended from the tool used in the Colonial Pipeline attack in 2021 has been leveraging new tools, tactics, and procedures. What does this evolving threat mean for its potential targets?

A Cybersecurity Firm Assessed a State’s Entire Education System, Finding Thousands of Security Risks

Sep 22, 2022 |
The Journal
Cyber Security Works, an IT risk management company and partner agency of the U.S. Department of Homeland Security, recently conducted an assessment of an entire state’s public education system, analyzing the security posture across 180 school districts and charter schools.

Local FBI Office Reaches out to New Mexico Businesses with Cybersecurity Tips before Malicious Actors can Act

Sep 19, 2022 |
New Mexico INNO
While he’d never call it official business advice, Jim A. Garcia can offer an important tip to protect against cybersecurity threats. “Whatever you think you are doing, and wherever you think you are [in terms of security], they are much smarter than you,” the executive director of the Associated Contractors of New Mexico said of hackers, malicious actors and others seeking to wreak havoc online.

FBI and CISA Responded to a Cyber Attack and Ransomware Incident on Los Angeles School District (LAUSD)

Sep 16, 2022 |
CPO Magazine
The Los Angeles Unified School District (LAUSD) suffered a cyber attack over the Labor Day holiday weekend, causing “significant disruption” to its digital infrastructure.

5 Safeguarding Tips for Schools this Year

Sep 16, 2022 |
ESchool News
Criminal cyber groups have made it abundantly clear that there is no type of organization they will not target–the more vulnerable they are, the easier it will be to victimize. Unfortunately for us, the organizations most at risk are often public institutions.

What Is Patch Management?

Sep 16, 2022 |
How software patching can protect you, your customers and your organization.

LAUSD Ransomware Attack: Action Too Little, Too Late?

Sep 14, 2022 |
Security Boulevard
Going back to school in a pandemic after a long summer is frenetic enough without a ransomware attack disrupting educators’ best-laid plans. The Los Angeles Unified School District avoided just such a disruption after it discovered a ransomware incident Saturday night, September 3, 2022, just days before schools were set to open after the U.S. Labor Day holiday.

Everything You Need To Know About BlackCat (AlphaV)

Sep 8, 2022 |
Aaron Sandeen, Dark Reading
A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

LAUSD Ransomware Attack: A Wake-Up Call for Policymakers?

Sep 8, 2022 |
The Journal
Describing the Labor Day weekend ransomware attack and response at Los Angeles Unified School District, Superintendent Alberto M. Carvalho, during a Tuesday press conference, referred to the events as “unprecedented.”

AmiViz to offer Cyber Security Works AI-powered Attack Surface and Vulnerability Management solutions

Aug 25, 2022 |
Security Middle East & Africa
Middle East region’s first enterprise B2B marketplace, AmiViz today announced that the company has signed a partnership with Cyber Security Works (CSW), a leading platform and services provider of predictive, AI-powered Attack Surface and Vulnerability Management solutions.

Ransomware Attacks Hit Two Out Of Three Organizations In 2021: Here’s What You Need To Know

Aug 22, 2022 |
The percentage of organizations hit with ransomware attacks jumped to 66% in 2021, representing a 29% year-over-year increase. As attacks become more complex and adversaries become more capable of deploying ransomware at scale, organizations have gotten better at dealing with the aftermath—but they’re still struggling to prevent attacks in the first place.

BlackCat Ransomware Gang Targets Luxembourg Energy Giant Creos

Aug 3, 2022 |
The news was officially made public by Creos’ parent company Encevo Group late last month after the BlackCat ransomware group claimed to have successfully targeted the Luxembourg-based energy company. While the energy supply to customers remains uninterrupted, the ransomware gang still has 150 GB of Creos data and is threatening to publish it online.

How Security Vulnerabilities Pose Risks for Healthcare Organizations

Jul 13, 2022 |
Tech Republic
An analysis by Cyber SecurityWorks uncovered 624 vulnerabilities that cybercriminals could exploit to target healthcare facilities.

Federal Government Invests in Cybersecurity; Experts React

Jun 24, 2022 |
“The federal government’s investments should help government agencies establish their security posture through proactive penetration testing and ongoing vulnerability management. Enterprises must repair the vulnerabilities that threat groups and attackers exploit in order to prevent catastrophe. To truly safeguard their organization from potential cyberattacks, leaders must enhance their cybersecurity visibility of known and unknowable assets, validate more frequently, and look for early warning capabilities as the world’s cybersecurity issues grow.”

Aaron Sandeen Of Cyber Security Works On The 5 Things Every American Business Leader Should Do To Shield Themselves From A Cyberattack

Jun 22, 2022 |
Aaron, Sandeen Authority Magazine
Understand your attack surface — Your attack surface is how a hacker sees your organization from the outside and includes details from the deep and dark webs. You need to continuously scan your known and unknown assets to identify any exposures, APIs, expired certificates, vulnerabilities in your technology stack, data leakage, open ports / protocols / services, non-production systems exposed to the public, assets potentially exposed to ransomware and much more.

CSW: Attackers Weaponize Vulnerabilities Days After Publishing

Jun 3, 2022 |
SDX Central
Cyber Security Works (CSW) reported 22 new vulnerabilities associated with ransomware in the first quarter, a 7.6% spike since January, and the time window to patch before vulnerabilities are exploited is getting shorter.

Vulnerabilities Associated With Ransomware Up 7.6% in Q1 2022: Report

May 23, 2022 |
The Conti ransomware gang was associated with exploiting the most vulnerabilities — 19 of the 22 new ones. BlackCat, LockBit, and AvosLocker exploited the rest.

The True Danger for Organizations: Unpatched Vulnerabilities

May 20, 2022 |
Aaron Sandeen, Security Boulevard
It is no secret that 2021 saw an increase in cyberattacks all around the globe; specifically in critical infrastructure organizations. In October of that year, The U.S. Cybersecurity and Infrastructure Security Agency issued Alert AA21-287 in response to cyberattacks targeting the financial, gas, food and transportation sectors. The advisory was released to draw attention to infrastructure vulnerability and the facilities being targeted by hostile cyber activity.