Vulnerabilities - Securin

Sep 27, 2021

Critical VMware Vulnerability: Patch CVE-2021-22005 Now!

On September 21, 2021, VMware published an advisory warning of nineteen vulnerabilities in their vCenter Server. Of the nineteen vulnerabilities, one CVE stands out as being extremely critical and potential to be exploited by ransomware—CVE-2021-22005.

Sep 15, 2021

Microsoft Exchange ProxyShell and Windows PetitPotam vulnerabilities chained in New Attack

The LockFile ransomware group has been actively exploiting the Microsoft Exchange ProxyShell vulnerabilities. Read our analysis to understand how you can protect yourself from a potential ransomware attack.

Sep 11, 2021

CVE-2021-26084: Patch the Confluence Servers Now!

The United States Cyber Command and Cybersecurity Infrastructure Security Agency (CISA) rang the warning bells for companies to patch a critical vulnerability (CVE-2021-26084) in the Atlassian Confluence Server and Data Center. Here is our analysis about this vulnerability.

Aug 11, 2021

Critical SolarWinds Serv-U FTP Flaw Exploited by New Chinese Threat Group

The US defense industrial base sector and many organizations from critical industries were recently affected by an unpatched critical remote code execution flaw in the Solarwinds Serv-U FTP server software that was exploited by a new Chinese threat group.

Jul 19, 2021

SolarWinds—Attackers at It Again in Back-to-Back Campaigns

Nobelium, the APT group behind the infamous SolarWinds attack, has resurfaced in two recent campaigns against US-based IT companies and government organizations. Check out Securin’s analysis about 18 vulnerabilities used by the group to exploit and infiltrate their targets.

Jul 14, 2021

New Threat Group Agrius Exploits Old Fortinet VPN Vulnerabilities

New APT Group Agrius is exploiting Fortinet’s vulnerabilities to attack their targets. Shodan results show 56000 target assets around the world that could be vulnerable to an attack. Check out our analysis for more information.

Jul 8, 2021

Back-to-Back Air India Attacks Indicating More than Just a Data Breach?

The Airline industry is on the brink of a supply-chain attack from threat groups like APT41. According to our research findings, there are 20 vulnerabilities associated with the APT41 threat group.

Jul 2, 2021

How to Detect CVE-2021-34527?

CSW Pentester’s have released a script to detect the Windows Print Spooler Remote Code Execution Vulnerability. Running the script can help organizations detect connected devices that could be vulnerable to exploits.

May 31, 2021

CVE-2021-21985: Patch this Trending VMware Vulnerability

On the 25th of May 2021, VMware published an advisory warning of two vulnerabilities - CVE-2021-21985 and CVE-2021-21986 - in their vCenter Server and Cloud Foundation products.

May 4, 2021

NSA Validates Securin’s Warning on Two Critical Vulnerabilities

In May 2020, Securin warned the industry of two critical vulnerabilities in Pulse Secure VPN and Citrix’s Remote Desktop solution that could be used by Ransomware or APT groups. One year after our warning, NSA, FBI and CISA validated the same.

Mar 2, 2021

Google Trends: Most Searched Top 10 Vulnerabilities in 2020

CSW experts compiled the list of vulnerabilities that were highly searched in Google and came up with top 10 CVEs.

Feb 11, 2021

Sri Lankan Domain Attack: Exposed Credentials Available in Dark Web for Eight Years!

Investigations on the Sri Lankan Domain attack reveal that threat actors could have used exposed credentials and vulnerabilities to breach and redirect the websites. These credentials have been exposed on the dark web for the past eight years!

Attack Surface Management

Vulnerability Intelligence

Vulnerability Management

Penetration Testing

PARTNERS

RESOURCES

WHO WE ARE

CAREERS