Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Most ransomware attacks rely on exploiting older, unpatched vulnerabilities

Image Description

Ransomware attackers exploited a dozen new vulnerabilities in campaigns in Q3 2021, bringing the total number of vulnerabilities associated with ransomware to 278, claims a new report.

Compiled by cybersecurity vendor Ivanti, the report reveals that ransomware groups are continuing to grow in sophistication, boldness, and volume, with numbers up across the board since Q2 2021. 

It tracked a 4.5% increase in CVEs associated with ransomware in Q3 2021, along with a similar increase in actively exploited and trending vulnerabilities, along with a 3.4% increase in ransomware families, as compared to Q2 2021. 

TechRadar needs you!

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window

"Ransomware groups continue to mature their tactics, expand their attack arsenals, and target unpatched vulnerabilities across enterprise attack surfaces,” notes Srinivas Mukkamala, Senior Vice President of Security Products at Ivanti.

Attacking unpatched vulnerabilities

Out of the 12 vulnerabilities newly associated with ransomware, five are capable of remote code execution attacks, and two are capable of exploiting web applications and being manipulated to launch denial-of-service attacks.

Importantly, the report also showed a 1.2% increase in older vulnerabilities tied to ransomware compared to the previous quarter, bringing the total count of older vulnerabilities associated with ransomware to 258. 

This means that a staggering 92.4% of all vulnerabilities tied to ransomware are those that have already been patched..

In fact, Ivanti notes that In Q3 2021, the Cring ransomware group targeted two older vulnerabilities, namely CVE-2009-3960 and CVE-2010-2861, that have had patches for over a decade.

“It’s critical that organizations take a proactive, risk-based approach to patch management and leverage automation technologies to reduce the mean time to detect, discover, remediate, and respond to ransomware attacks and other cyber threats,” concludes Mukkamala.

Build a digital moat around your network using one of these best firewall apps and services, and protect your computers against all kinds of cyber-attacks with these best endpoint protection tools

Date

10 Nov 2021

Sources


Share


Other Blog

  • Python custodians apologize for "cursed" start to the year

    Developers from Python have published three new versions of the programming language, and apologized for the process not going as smoothly as planned.

    In the release announcement, CPython core developer Łukasz Langa said that all versions were “cursed in some way”, and that developing them was a “bumpy ride”. 

    However, the Python Software Foundation (PSF) is happy with the end result, and claims to be on route to making Python twice as fast as it used to be.

    Speeding things up

    There are now three versions of Python now available - 3.9.x - the “legacy series”, 3.10.x, the latest series of Python 3, and 3.11.x, the version that hints to the future. 

    "The releases you're looking at were all cursed in some way. What a way to start 2022! Besides the certificate hold up, Python 3.10.2 is an expedited release (you'll want to upgrade, read below!), Python 3.11.0a4 had almost 20 (sic, twenty!) release blockers before being finally green, and Python 3.9.10 was made from a new M1 Mac on macOS Monterey which made the usually boring process quite a ride," Langa explained.

    The new versions are being shipped out without Windows installers, as there was an issue with renewing certificates. But with the earlier releases having a major memory leak issue, the devs are recommending the new versions, anyway.

    "We've held the releases all week while the situation is getting resolved but the urgency of 3.10.2 in particular made us release without the Windows installers after all," Langa further said. 

    The problem with the certificates is expected to be solved in the coming days. 

    While the current main version (3.10) solves memory leak issues and other problems, the upcoming 3.11.x versions are inching the product closer to creator Guido van Rossum’s plan, that was laid out at the PyCon 2021 conference.

    Van Rossum’s idea is to make Python 3.11 twice as fast as 3.10. Right now, it’s about 19% faster, ZDNet reports. 

    Via: ZDNet

    Read More
  • One of the best Prime Day laptop deals is back from the dead – but for how long?

    Save a huge £600 on the Samsung Galaxy Book Flex, which is still on sale for Prime Day.

    Read More
  • Windows 10 users could soon get another annoying pop-up from Microsoft

    It looks like Microsoft has found another way to annoy Windows 10 users, but what are its actual intentions?

    Read More
  • Can't stand the MacBook notch? There's an app for that

    Apple’s new MacBooks are out and reviews are glowing, especially with the return of ports that’s sure to help pros in their workflows.

    However, a big bone of contention for many has been the notch. It’s at the top of the display which houses the camera while not getting in the way of you doing work.

    While we didn’t see an issue with it in our MacBook Pro 14-inch (2021) review, some are still wanting to find ways to hide the notch regardless, which is where a few apps have appeared to grant this wish. But it doesn’t seem needed in the long run.

    On the head, Mac

    The MacBooks have only just been released, and yet there’s apps that already hide the notch. The menu bar takes care of this by blending in with the notch, while it disappears when an app switches to full-screen.

    When I upgraded to an iPhone X in 2017, it took me a few weeks to ignore the notch. Now, it’s something I accept.

    With a notch on a 14-inch or 16-inch display, it’s something you’re barely going to notice. But, there are two apps that can hide the notch if you really want to.

    However, you may still want something to hide it completely. 

    Forehead is a utility that can make the Menu Bar black, and a future update will even add a virtual notch if you’re feeling left out on your older Mac. This is free but the developer does have a donation option.

    TopNotch also tries to fix the notch problem by making sure that the Menu Bar stays black across any window that you’re using. It runs in the background so if you change your wallpaper, the app will adjust the notch accordingly. It’s also another free download.  

    Much ado about nothing

    The notch is an example of not knowing how something truly is until you see it in person. You’ll be able to test out the new MacBooks at your nearest Apple Store, or another authorized vendor to judge for yourself.

    But I suspect that the MacBook Pro notch will eventually be accepted as much as the notch on the iPhone was. There’s an argument for why FaceID isn’t on the new MacBooks, which is valid. But if you want a screen with a thin bezel, this is the compromise that Apple argues needs to be made.

    There’s undoubtedly going to be improvements in the future where the notch is reduced in size, similar to the iPhone 13 Pro. However, it’s not something that should make you hold off from purchasing if you’ve been waiting for these new machines.

    These are the best MacBooks that Apple has designed in years, with a new focus on what makes a great professional laptop. For a bigger display that also has ProMotion at 120Hz, it’s a small price to pay for what you’re getting overall.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us