CISA's KEV list informs ransomware attacks, paper suggests
Briefly

Recent findings from GreyNoise's Mass Internet Exploitation Report reveal that 28% of vulnerabilities in CISA's Known Exploited Vulnerabilities (KEV) catalog were exploited in ransomware attacks. The catalog serves as a strategic tool for attackers because it highlights vulnerabilities that have already been exploited successfully. Some vulnerabilities are exploited by ransomware actors before they are added to the KEV list, so a catalog entry can trail active exploitation. While the KEV program aims to enhance public sector security, its effects are trickling down to the private sector, indicating a complex relationship between vulnerability reporting and attacker behavior.
Fresh research suggests attackers are actively monitoring databases of vulnerabilities that are known to be useful in carrying out ransomware attacks.
GreyNoise's data showed not all KEV catalog listings were inspirational for ransomware slingers. Some bugs were exploited by extortionists just before CISA added them to the KEV catalog.
Read at The Register