Ransomware research reveals 12 vulnerabilities newly associated with ransomware in Q1 2023

ALBUQUERQUE, N.M. — Ransomware attacks are rising, with attackers targeting over 7,000 products across 121 vendors used by enterprises for their operations. In March 2023, the total number of breaches reported was higher than those reported in the previous three years combined. Ransomware groups are continuously weaponizing vulnerabilities and adding them to their arsenal to mount crippling and disruptive attacks on their victims.

The latest joint Ransomware Index Report has identified 12 vulnerabilities newly associated with ransomware in Q1 2023. The report provides an update on key metrics that are being tracked in relation to ransomware, providing valuable insights to enterprises on how to safeguard their data and assets from these escalating threats.

The top five takeaways from this report include:

  1. In Q1 2023, 12 new vulnerabilities have become associated with ransomware. 73% of these vulnerabilities were trending on the internet and the deep and dark web in the past quarter. With this increase, 7,444 products and 121 vendors are now vulnerable to ransomware attacks, of which Microsoft leads the pack with 135 ransomware-associated vulnerabilities.
  2. The complete MITRE ATT&CK kill chain is present in 59 vulnerabilities; two vulnerabilities are brand new. Vulnerabilities with a MITRE ATT&CK kill chain allow attackers to exploit them from end-to-end (initial access to exfiltration), making them extremely dangerous. However, popular scanners are currently failing to detect three of these vulnerabilities.
  3. Popular scanners do not detect 18 vulnerabilities associated with ransomware, exposing enterprises to significant risks.
  4. Open-source vulnerabilities have increased, with 119 ransomware-associated vulnerabilities now present in multiple vendors and products. This is an extremely pressing concern since open-source codes are used widely in many tools.
  5. Two APT groups have newly begun using ransomware as a weapon of choice, including DEV-0569 and Karakurt, bringing the overall number of APT groups capitalizing on ransomware to 52.

Commenting on the key takeaways, Aaron Sandeen, CEO and Co-founder of Securin, said, “We keep hearing from our customers across all industries how mitigating…