Prioritize patching vulnerabilities associated with ransomware

2022-05-19 04:00

A threat research from Cyber Security Works has revealed a 7.6% increase in ransomware vulnerabilities since the publication of the Ransomware Spotlight Report in January 2022.

The top stats 22 new vulnerabilities and nine new weaknesses have been associated with ransomware since January 2022; of the 22, a whopping 21 are considered of critical or high risk severity.

19 of the newly-added vulnerabilities are associated with the Conti ransomware gang.

Researchers also noticed a 6.8% increase in vulnerabilities trending in the deep and dark web and hacker channels, proving the significance of these vulnerabilities in future ransomware attacks.

"Today, on average, vulnerabilities are being weaponized within eight days of being published by the vendor. Latencies are dangerous windows of opportunities that are afforded to the attackers, and they spare no time in exploiting them," said Aaron Sandeen, CEO, CSW. "We also noticed that attackers are going after specific types of weaknesses associated with key products. Organizations will need to utilize attack surface management and perform additional application scanning to understand and prioritize vulnerabilities associated with ransomware."

These 11 vulnerabilities are associated with ransomware groups such as Ryuk, Petya and Locky.

News URL

https://www.helpnetsecurity.com/2022/05/19/increase-ransomware-vulnerabilities/

#ransomware #vulnerabilities