Hackers continue to target zero-day vulnerabilities
Unpatched vulnerabilities remain the most prominent attack vectors exploited by ransomware groups, according to a new report.
The study by Ivanti, produced in conjunction with Cyber Security Works, shows 65 new vulnerabilities tied to ransomware last year, representing a 29 percent growth compared to the previous year and bringing the total number of vulnerabilities associated with ransomware to 288.
What's more, hackers are finding zero days even before they get added to the National Vulnerability Database. The QNAP (CVE-2021-28799), Sonic Wall (CVE-2021-20016), Kaseya (CVE-2021-30116), and most recently Apache Log4j (CVE-2021-44228) vulnerabilities were exploited before they made it on to the NVD.
Supply chain networks are also increasingly being targeted in order to cause maximum disruption. A single software supply chain compromise can open multiple avenues for threat actors to hijack complete system distributions across hundreds of victim networks.
"Ransomware groups are becoming more sophisticated, and their attacks more impactful," says Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti. "These threat actors are increasingly leveraging automated tool kits to exploit vulnerabilities and penetrate deeper into compromised networks. They are also expanding their targets and waging more attacks on critical sectors, disrupting daily lives and causing unprecedented damage. Organizations need to be extra vigilant and patch weaponized vulnerabilities without delays. This requires leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation."
The full report is available from the Ivanti site.