Experts Reveal 29% Surge in Bugs Used by Ransomware Actors
There’s been a 29% increase in the number of vulnerabilities exploited by ransomware groups to compromise their targets over the past year, according to a new industry report.
The Ransomware Spotlight Year End Report was written by security vendors Ivanti and Cyware alongside CVE numbering authority Cyber Security Works (CSW). It’s compiled from multiple data sources, including Ivanti and CSW, publicly available threat databases, threat researchers and pen-testing teams.
The analysis revealed 65 new bugs associated with ransomware in 2021, bringing the total to 288. Over a third (37%) of the newly added vulnerabilities were found trending on dark websites and subject to repeated exploitation as a result. Plus, over half (56%) of the older CVEs are still being regularly exploited, it said.
The report also highlighted that many zero-day vulnerabilities are being exploited before they’ve even had time to be published in the US National Vulnerability Database (NVD). These include ones used to compromise Kaseya (CVE-2021-30116) and the infamous Log4Shell bug (CVE-2021-44228).
The ransomware-as-a-service (RaaS) model is helping to democratize this kind of activity across the cybercrime underground. Particularly dangerous are exploit-as-a-service offerings, which allow threat actors to rent zero-day exploits from developers, the report said.
Despite recent arrests in