"Barracuda research shows that nine out of ten ransomware incidents in 2025 exploited firewalls. In the fastest case, there were three hours between the intrusion and the deployment of ransomware. Vulnerabilities that are more than ten years old are also still being actively exploited. The findings of the Barracuda Managed XDR Global Threat Report are based on more than two trillion IT events collected in 2025, including nearly 600,000 security alerts and data from more than 300,000 secured endpoints."
"The report shows that in 90 percent of the ransomware incidents investigated, attackers gained access through firewalls. This was done by exploiting unpatched software or vulnerable accounts. The most frequently detected vulnerability ( CVE-2013-2566) is thirteen years old. It is a bug in the RC4 algorithm used by the TLS and SSL protocols. Anyone who wants to be protected from this danger should use TLS 1.3."
Nine out of ten ransomware incidents in 2025 exploited firewalls by leveraging unpatched software or vulnerable accounts. The most frequently detected vulnerability, CVE-2013-2566, is thirteen years old and stems from a bug in the RC4 algorithm; operators should use TLS 1.3 and avoid RC4/SSL 3.0. In the fastest observed case, Akira ransomware began encrypting data three hours after initial intrusion. Attackers often use Living Off The Land techniques and legitimate remote-access tools to move laterally. When lateral movement occurs, 96 percent of incidents result in ransomware. Data derives from over two trillion IT events, nearly 600,000 alerts, and 300,000 endpoints.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]