Ransomware Trend Awareness – New Vulnerabilities Utilized in Q1 2023 Ransomware Attacks

HelpNetSecurity provided a summary on a recent report produced by researchers at Ivanti, Securin, and Cyware discussing ransomware-related vulnerabilities for Q1 2023. Twelve new vulnerabilities have become associated with ransomware over this period, 73 percent of which are trending on the deep and dark web. Eighteen ransomware-associated vulnerabilities are currently not being detected by popular scanners, and 119 are present in open-source code that multiple vendors and products utilize.

In addition to vulnerabilities, the document also tracks weakness categories that make products and organizations more at risk of being successfully targeted by ransomware and an analysis of how these vulnerabilities interact with the MITRE ATT&CK® Framework. Read more at HelpNetSecurity.

Analyst note (Jennifer Lyn Walker): This report references the MITRE ATT&CK® Framework as a “kill chain.” This is a misnomer and appears to be confounded with the well-known Lockheed Martin Cyber Kill Chain®. ATT&CK® is a knowledge base of adversary tactics and techniques based on real-world observations. While ATT&CK® does have tools to build out an attack model/path, to the best of my knowledge MITRE intentionally does not refer to “kill chain” so as not to cause confusion.

Despite this confusion, at first blush, this comprehensive report has practical information on currently observed ransomware attack trends that should be useful in updating and prioritizing cyber defenses.