Most vulnerabilities associated with ransomware are old

2023-02-22 04:30

Researchers identified 56 new vulnerabilities associated with ransomware threats among a total of 344 threats identified in 2022 - marking a 19% increase year-over-year.

Threat actors are actively searching the internet and deep and dark web for 180 vulnerabilities known to be associated with ransomware.

Scanners are not detecting all threats: Popular scanners do not detect 20 vulnerabilities associated with ransomware.

While the CISA Known Exploited Vulnerabilities catalog contains 8661 vulnerabilities, 131 of the vulnerabilities associated with ransomware are yet to be added.

The study found 57 ransomware-associated vulnerabilities with low and medium-sized scores that are associated with infamous ransomware families and can wreak havoc on an organization and disrupt business continuity.

"IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware. IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced."

News URL

https://www.helpnetsecurity.com/2023/02/22/vulnerabilities-ransomware-old/

#ransomware #vulnerabilities