Media Coverage

A February report published by Cyber Security Works, Cyware, Ivanti and Securin identified 131 exploited vulnerabilities that were yet to be included, with 111 first discovered in 2019 or prior.

Cyber Security Works Inc., a leading security company, today announced that it is rebranding as Securin Inc. due to the evolution of its service capabilities and offerings. Under the new identity, it will provide tech-enabled security solutions to continuously improve customers’ security posture and help them gain resilience against evolving threats.

National defense and security experts long predicted that future warfare would not be waged by firearms but with code designed to disable services people depend on for daily life.

This week, the White House released its National Cyber Strategy, outlining how the Biden administration intends to safeguard the US from growing online threats. The Administration focused largely on the shift of responsibility for cybersecurity away from individuals and small businesses to large tech organizations.

Research reports find that vulnerabilities for which patches have already been issued remain hackers’ primary way into an organization.

Ransomware attacks continue to gain attention due to their increased sophistication and the widespread impacts they have. Hackers are constantly developing new methods to deliver ransomware, such as using social engineering tactics to trick users into clicking on malicious links or downloading infected files.

The 14 states in that region have more than 100,000 vulnerabilities, misconfigurations and data leaks that all must be addressed to prevent attacks, researchers found.

Joint study by Cyber Security Works, Ivanti, Cyware, and Securin also identifies 56 new ransomware-associated vulnerabilities, for a year-end total of 344 ransomware threats in 2022.

Researchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 – marking a 19% increase year-over-year.

New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft.

More than 76% of vulnerabilities still being exploited by ransomware were discovered between 2010 and 2019, according to new cybersecurity research.

Researchers found that eight of the 131 vulnerabilities associated with ransomware not yet listed in a federal catalog meant to help the cybersecurity community are considered “most dangerous” because they could be easily exploited from initial access to exfiltration.

In the last quarter of 2022 alone, aggressive ransomware groups exploited 21 of 180 vulnerabilities already known to be associated with digital hijacking, a joint report issued by cybersecurity providers Cyber Security Works (CSW), Ivanti, Cyware and Securin found.

The importance of a strong patch management strategy has been highlighted by a new report which shows that the majority of vulnerabilities used by ransomware actors have been known about for years.

Ransomware hackers are delving into the archives, looking for old vulnerabilities that could be exploited in new attacks, experts have claimed.

Ransomware attackers are finding new ways to exploit organizations’ security weaknesses by weaponizing old vulnerabilities.

A new report from Cyber Security Works (CSW), Ivanti, Cyware, and Securin reveals the devastating toll that ransomware had on organizations globally in 2022. The study, 2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management, identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022-marking a 19% increase year-over-year.

A new report from Cyber Security Works shows that 76% of all ransomware-associated vulnerabilities tracked in 2022 were old flaws initially discovered between 2010 and 2019.

Cyber threats have already plagued January of 2023, causing organizations to invest more than ever in protective measures. The average cost of a data breach in 2022 was $4.35 million, and ransomware attacks cost organizations an average of $4.84 million, which does not account for the personal losses some cyber attacks have caused.

Online safety has never been more important, with so much of our personal and professional data available on the internet today. Each year, millions of people come together to spread awareness and celebrate Safer Internet Day on Feb 7th.

Safer Internet Day is an annual event that is being celebrated today, February 7, 2023. With the rapid growth of the internet and its increasing usage in every aspect of our lives, it has become crucial to promote a safe and secure online environment for all.

News is breaking that cybercriminals are actively exploiting a two-year-old VMware vulnerability as part of a large scale ransomware campaign targeting thousands of organizations worldwide.

News is breaking that cybercriminals are actively exploiting a two-year-old VMware vulnerability as part of a large scale ransomware campaign targeting thousands of organizations worldwide.

France’s Computer Emergency Response Team (CERT-FR) and Italy’s National Cybersecurity Agency (ACN) have both warned of a widespread ransomware campaign that’s exploiting a vulnerability in VMware ESXi servers.

Welcome to Momentum Cyber’s special report on the evolution of cybersecurity services. There has never been a more exciting time for this sector of the market. Google Cloud’s $5.4 billion acquisition of Mandiant, one of two public cybersecurity companies with significant services revenue, was a signature move that will impact the entire industry for years to come. This special report focuses on the impact of this deal on the industry and what to expect next.

Is the United States heading toward a recession? If we are, then profits will dip, and belts will be tightened while we wait for the government to turn things round. Most, but not all, businesses will survive; but all will be affected.

It’s no surprise that security is a major topic of conversation, with cyberattacks of all kinds increasing in frequency year after year. In today’s threat environment, it’s important that businesses are on top of the trends and know what they need to look out for, both now and down the road. So we’ve collected commentary from experts in the cybersecurity field sharing their predictions for 2023.

The last few years have been rough on cybersecurity professionals. With each passing month, the threat environment has intensified. Aaron Sandeen, the co-founder of CSW, analyzes quick statistics to illustrate the expected cybersecurity trends in 2023.

Part of of the 2023 cybersecurity prediction series, Aaron Sandeen shares his thoughts and concerns on the security industry.

CSW CEO, Aaron Sandeen, and other industry experts share their predictions for 2023. Read them in this 15th annual VMblog.com predictions series.

CISA’s Known Exploited Vulnerabilities Catalog has become a valuable repository of vulnerabilities to be patched. A pair of reports analyze the vulnerabilities under attack to understand the kind of threats organizations should be prioritizing.

Organizations are increasingly cautious in regard to navigating the economic downturn. Increased inflation and reduced expenses are causing many to take a close look at the budgets for cybersecurity in the face of growing complexities of the cyber attack landscape.

The number of attacks aimed at the health-care industry has increased significantly during the past few years. Health-care institutions are ‌vulnerable to cyberattacks because they have access to highly valuable information, in terms of money and intelligence, sought after by nation-state actors and cybercriminals.

Since our last ransomware report earlier this year, both the severity and complexity of attacker tactics continue to grow as we head into the final quarter of 2022. The total number of ransomware vulnerabilities out there has climbed to 323. It is about a 450% increase since ransomware became a prevalent threat in 2019.

The Hive ransomware group has brought in more than $100 million from attacks on more than 1,300 companies worldwide from June 2021 to November 2022, according to a new joint report from several U.S. agencies.

While the ransomware-for-hire group works to create ever more efficient exploits, companies can protect themselves with structured vulnerability management processes. Prioritize threats based on severity and risk.

These past few years have tested organizations across all industries resilience against cyberattacks. As news of data breaches continue to permeate the headlines, many businesses and consumers are asking themselves, “What can I do?” With this in mind, the 2022 theme for National Cybersecurity Awareness month is ‘See Yourself in Cyber,” because everyone has a role to play in the fight against cyber adversaries.

Cybersecurity Awareness Month is coming to an end, and with this year’s focus on the human element of cybersecurity, we collected another round of expert commentaries from the industry.

This October is Cybersecurity Awareness Month, a month dedicated to keeping individuals and companies safe online as threats become increasingly widespread. This year’s theme, “See Yourself in Cyber,” emphasizes the human aspect of cybersecurity. 

Around 18 Ransomware vulnerabilities are not being detected by popular scanners, according to the latest Ransomware Spotlight Report published by Cyber Security Works.

13 new vulnerabilities have become associated with Ransomware in the past two quarters, and 10 out of 13 vulnerabilities have critical severity ratings. Over 49% of these vulnerabilities are trending as attackers are actively interested in them.

In the latest Ransomware Index Report Q2-Q3 2022, published today, identifies which vulnerabilities lead to ransomware attacks and how quickly undetected ransomware attackers work to take control of an entire organization.

A new report from Ivanti, Cyber Security Works and Cyware found that ransomware has exploded since 2019, increased by nearly 470%. Ransomware groups are growing in volume and sophistication, with groups leveraging 35 vulnerabilities in the first three quarters of 2022.

Ransomware and other cyberattacks have been used in a variety of ways throughout the year, underscoring the attackers’ growing technological sophistication and the threat to businesses throughout the globe.

Ransomware descended from the tool used in the Colonial Pipeline attack in 2021 has been leveraging new tools, tactics, and procedures. What does this evolving threat mean for its potential targets?

Cyber Security Works, an IT risk management company and partner agency of the U.S. Department of Homeland Security, recently conducted an assessment of an entire state’s public education system, analyzing the security posture across 180 school districts and charter schools.

While he’d never call it official business advice, Jim A. Garcia can offer an important tip to protect against cybersecurity threats. “Whatever you think you are doing, and wherever you think you are [in terms of security], they are much smarter than you,” the executive director of the Associated Contractors of New Mexico said of hackers, malicious actors and others seeking to wreak havoc online.

The Los Angeles Unified School District (LAUSD) suffered a cyber attack over the Labor Day holiday weekend, causing “significant disruption” to its digital infrastructure.

Criminal cyber groups have made it abundantly clear that there is no type of organization they will not target–the more vulnerable they are, the easier it will be to victimize. Unfortunately for us, the organizations most at risk are often public institutions.

How software patching can protect you, your customers and your organization.