Ransomware is getting worse. Cybersecurity analysts have been screaming this sentiment from the rooftops for years, but now new research examining the expanding landscape of software vulnerabilities leveraged in ransomware attacks offers up some hard numbers that put the depth of this problem into context.
Researchers from RiskSense have identified as many as 223 distinct IT security vulnerabilities in the Common Vulnerabilities and Exposures (CVE) database that were tied to attacks involving ransomware in 2020. That represents a fourfold increase in the number of ransomware-related vulnerabilities discovered in their last report published in 2019.
Ransomware families are growing and becoming more complex as well. The previous report found 19 separate ransomware families; this version identified at least 125. These groups are increasingly expanding their operations, creating new malware variants, selling their tools to third parties and targeting flaws in software and web applications.
Approximately 40% of the 223 CVEs tied to recent ransomware attacks fall under five commonly identified security weaknesses: permissions, privileges and access controls, ..
Support the originator by clicking the read the rest link below.
