Prioritize patching vulnerabilities associated with ransomware

A threat research from Cyber Security Works (CSW) has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022.

In the last quarter, ransomware attacks have made mainstream headlines on a near-daily basis, with groups like Lapsus$ and Conti’s names splashed across the page. Major organizations like Okta, Globant and Kitchenware maker Meyer Corporation have all fallen victim, and they are very much not alone. The data indicates that increasing vulnerabilities, new advanced persistent threat (APT) groups and new ransomware families are contributing to ransomware’s continued prevalence and profitability.

The top stats 22 new vulnerabilities and nine new weaknesses have been associated with ransomware since January 2022; of the 22, a whopping 21 are considered of critical or high risk severity 19 (out of 22) of the newly-added vulnerabilities are associated with the Conti ransomware gang Three new APT groups (Exotic Lily, APT 35, DEV-0401) and four new ransomware families (AvosLocker, Karma, BlackCat, Night Sky) are deploying ransomware to attack their targets 141 of CISA’s Known Exploited Vulnerabilities (KEVs) are being used by ransomware operators – including 18 newly identified this quarter 11 vulnerabilities tied to ransomware remain undetected by popular scanners 624 unique vulnerabilities were found within the 846 healthcare products analyzed The details Increase in ransomware vulnerabilities

The 7.6% increase in vulnerabilities brings the total number to 310, highlighting the fact that ransomware operators are relentlessly going after weaknesses that could be quickly weaponized.

Read more

Explore the site

More from the blog

Latest News