Cyberwar Bulletin: Iran and Albania

Ransomware

Through the lens of Threat and Vulnerability Management

Ransomware Index Update Q1 2022 Report

Are you protected from Ransomware?

Even with hundreds of vulnerability assessment tools in the market, organizations are missing early indicators of Ransomware attacks.

  • Our research identified 22 new vulnerabilities in the last 90 days
  • Our analysis identified 84 new CISA KEVs that are tied to ransomware
  • We know of 11 vulnerabilities which are not being detected by top scanners

Download the Ransomware Report and get -

  • IOCs of new Ransomware Groups
  • Top Products and Vendors affected by Ransomware
  • MITRE Mapping of vulnerabilities
  • List of vulnerabilities not detected by popular scanners
View Infographic

By submitting my contact information I consent to the processing of my data by CSW and its partner companies.

Key Insights  |  A Snapshot  |  Ransomware Reports  |  Blogs  |  Get a Ransomware Assessment

Key Insights

funnel
Ransomware-Q3-LP-2

7.6% increase in vulnerabilities associated with ransomware

50% decrease in ransomware vulnerabilities not detected by scanners

Ransomware-Q3-LP-4
Ransomware-Q3-LP-3

“The fact that scanners are not detecting critical ransomware vulnerabilities is a huge problem for organizations. CSW experts are continuously tracking this as a part of our research and analysis. The good news is, that in this quarter, we saw the number coming down. This means that scanner companies are taking this seriously. That said, there are still 11 ransomware vulnerabilities that the scanners are not detecting, where five are rated critical and associated with notorious ransomware gangs like Ryuk, Petya, and Locky.”

— Aaron Sandeen, CEO & Co-Founder at Cyber Security Works

Ransomware-Q3-LP-3

7.5% increase in APT groups using ransomware vulnerabilities

9 new CWEs enabling ransomware vulnerabilities

Ransomware-Q3-LP-4

Download Previous Reports

ransomwarebookthree

Ransomware Spotlight Report 2022

Ransomware Index Update for Q3 provides the latest ransomware trends, and the new groups, vulnerabilities and weaknesses tied to ransomware. Understand what vulnerabilities offer the greatest threat and stay protected.

ransomwarebookthree

Ransomware Index Update Q3 2021

Ransomware Index Update for Q3 provides the latest ransomware trends, and the new groups, vulnerabilities and weaknesses tied to ransomware. Understand what vulnerabilities offer the greatest threat and stay protected.

ransomwarebookthree

Ransomware Index Update Q2 2021

Ransomware index update for Q2 looks at new vulnerabilities tied to ransomware, new exploits, APT Groups, and Ransomware families. Build resilience to defend your ecosystem from crippling ransomware attacks.

ransomwarebookthree

Ransomware Index Update Q1 2021

Ransomware index update for Q1 2021 brings new vulnerabilities, exploits, APT Groups and Ransomware families that have become active in the first quarter of 2021. Get updated insights about this evolving threat and know your exposure to it.

ransomwarebookthree

Ransomware Spotlight 2021

Ransomware index update for Q1 2021 brings new vulnerabilities, exploits, APT Groups and Ransomware families that have become active in the first quarter of 2021. Get updated insights about this evolving threat and know your exposure to it.

Ransomware Attack Surface Assessment

Get a Complimentary Ransomware Attack Surface Assessment

Sign up for an assessment and speak to our experts to get answers.

  • How exposed are you to ransomware?
  • What are your known and unknown internet exposures?
  • What should you do to protect your organization against ransomware?

Blogs

May 12, 2022
All About Conti
#CyberSecurity
All About Conti
May 12, 2022 | Surojoy Gupta
Feb 4, 2022
CSW Analysis: Top Scanners Missed Vulnerabilities Tied to Ransomware in 2021
#CyberSecurity
CSW Analysis: Top Scanners Missed Vulnerabilities Tied to Ransomware in 2021
Feb 4, 2022 | Pavithra Shankar
May 19, 2022
CISA Releases a Directive Asking Organizations to Patch Known Exploited Vulnerabilities
#CyberSecurity
CISA Releases a Directive Asking Organizations to Patch Known Exploited Vulnerabilities
May 19, 2022 | Surojoy Gupta
May 19, 2022
Top Scanners Fail to Flag DHS CISA-warned KEVs
#CyberSecurity
Top Scanners Fail to Flag DHS CISA-warned KEVs
May 19, 2022 | Pavithra Shankar
May 5, 2022
Pegasus Spyware Snoops On Political Figures Worldwide
#CyberSecurity
Pegasus Spyware Snoops On Political Figures Worldwide
May 5, 2022 | Surojoy Gupta
Mar 10, 2022
Cyberwar Bulletin 1: Russia & Ukraine
#CyberSecurity
Cyberwar Bulletin 1: Russia & Ukraine
Mar 10, 2022 | Sumeetha, Priya
Mar 16, 2022
Cyberwar Bulletin 2: Are you ready for this cyberwar?
#CyberSecurity
Cyberwar Bulletin 2: Are you ready for this cyberwar?
Mar 16, 2022 | Sumeetha, Priya
Aug 19, 2021
Accenture attacked by LockBit 2.0 Ransomware
#CyberSecurity
Accenture attacked by LockBit 2.0 Ransomware
Aug 19, 2021 | Sumeetha, Surojoy
May 25, 2022
20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations
#CyberSecurity
20 Percent of CVEs Listed in CISA’s Latest Directive have Ransomware Associations
May 25, 2022 | Surojoy Gupta
August 21, 2021
Darkside Ransomware: Further Threat Associations Unearthed
#CyberSecurity
Darkside Ransomware: Further Threat Associations Unearthed
August 21, 2021 | Priya Ravindran
July 12, 2021
Kaseya VSA Downed by REvil in Monumental Supply-Chain Attack
#CyberSecurity
Kaseya VSA Downed by REvil in Monumental Supply-Chain Attack
July 12, 2021 | Surojoy, Priya
June 16, 2021
REvil Brings Down JBS - the World’s Largest Meat Packer
#CyberSecurity
REvil Brings Down JBS - the World’s Largest Meat Packer
June 16, 2021 | Sumeetha
April 05, 2022
All About Qlocker
#CyberSecurity
All About Qlocker
April 05, 2022 | Priya Ravindran
May 18, 2021
Darkside: The Ransomware that brought a US pipeline to a halt
#CyberSecurity
Darkside: The Ransomware that brought a US pipeline to a halt
May 18, 2021 | Sumeetha
Apr 16, 2021
All about Ryuk
#CyberSecurity
All about Ryuk
Apr 16, 2021 | Sumeetha

Media Coverage

May 19, 2022
Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
#Ransomware
Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
May 19, 2022 | AiTechpark
May 19, 2022
Prioritize patching vulnerabilities associated with ransomware
#Ransomware
Prioritize patching vulnerabilities associated with ransomware
May 19, 2022 | Help Net Security
May 19, 2022
Ransomware gangs rely more on weaponizing vulnerabilities
#Ransomware
Ransomware gangs rely more on weaponizing vulnerabilities
May 19, 2022 | Bleeping Computers
May 19, 2022
Ransomware vulnerabilities increase as Russia-linked activity surges
#Ransomware
Ransomware vulnerabilities increase as Russia-linked activity surges
May 19, 2022 | Beta News
May 19, 2022
CSW Releases Q1 2022 Ransomware Report
#Ransomware
CSW Releases Q1 2022 Ransomware Report
May 19, 2022 | Industry Today
May 18, 2022
Ransomware Groups Continue to Leverage Old Vulnerabilities
#Ransomware
Ransomware Groups Continue to Leverage Old Vulnerabilities
May 18, 2022 | Health IT Security
May 18, 2022
Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
#Ransomware
Ransomware Vulnerabilities Spike by 7.6% in Q1 2022
May 18, 2022 | VM Blog
May 20, 2022
The True Danger for Organizations: Unpatched Vulnerabilities
#Ransomware
The True Danger for Organizations: Unpatched Vulnerabilities
May 20, 2022 | Security Boulevard
Jun 03, 2022
CSW: Attackers Weaponize Vulnerabilities Days After..
#Ransomware
CSW: Attackers Weaponize Vulnerabilities Days After..
Jun 03, 2022 | SDX Central
May 18, 2022
Q1 2022 Ransomware Report Reveals 7.6% Increase in       Vulnerabilities Tied to Ransomware
#Ransomware
Q1 2022 Ransomware Report Reveals 7.6% Increase in Vulnerabilities Tied to Ransomware
May 18, 2022 | BusinessWire
Apr 11, 2022
Managing Ransomware in 2022
#Ransomware
Managing Ransomware in 2022
Apr 11, 2022 | IT Social
Jan 26, 2022
Cybersecurity’s challenge for 2022 is defeating weaponized ransomware
#Ransomware
Cybersecurity’s challenge for 2022 is defeating weaponized ransomware
Jan 26, 2022 | Venture Beat
Jan 26, 2022
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks
#Ransomware
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks
Jan 26, 2022 | Bloomberg
Jan 26, 2022
Ivanti report finds 32 new ransomware families in 2021
#Ransomware
Ivanti report finds 32 new ransomware families in 2021
Jan 26, 2022 | SiliconANGLE
Jan 26, 2022
Ransomware Spotlight Year End 2021 Report (Ivanti)
#Ransomware
Ransomware Spotlight Year End 2021 Report (Ivanti)
Jan 26, 2022 | The Cyberwire
Jan 26, 2022
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact
#Ransomware
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact
Jan 26, 2022 | Yahoo Finance
Jan 26, 2022
Hackers continue to target zero-day vulnerabilities
#Ransomware
Hackers continue to target zero-day vulnerabilities
Jan 26, 2022 | BetaNews
Feb 8, 2022
New Ransomware Report Reveals Hackers Are Increasingly Targeting Zero-Day Vulnerabilities and the Supply Chain
#Ransomware
New Ransomware Report Reveals Hackers Are Increasingly Targeting Zero-Day Vulnerabilities and the Supply Chain
Feb 8, 2022 | Direct Industry
Jan 29, 2022
32 new ransomware families in 2021, a 26 per cent YoY increase: Report
#Ransomware
32 new ransomware families in 2021, a 26 per cent YoY increase: Report
Jan 29, 2022 | The Hindu
Jan 28, 2022
Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Net ..  Read more at: https://cio.economictimes.indiatimes.com/news/digital-security/hackers-are-increasingly-targeting-zero-day-vulnerabilities-and-supply-chain-networks-for-maximum-impact-states-report/89175933
#Ransomware
Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Net .. Read more at: https://cio.economictimes.indiatimes.com/news/digital-security/hackers-are-increasingly-targeting-zero-day-vulnerabilities-and-supply-chain-networks-for-maximum-impact-states-report/89175933
Jan 28, 2022 | CIO, Economic Times
Jan 28, 2022
Ransomware families becoming more sophisticated with newer attack methods
#Ransomware
Ransomware families becoming more sophisticated with newer attack methods
Jan 28, 2022 | Help Net Security
Jan 28, 2022
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact
#Ransomware
Ransomware 2021 Year End Report Reveals Hackers are Increasingly Targeting Zero-Day Vulnerabilities and Supply Chain Networks for Maximum Impact
Jan 28, 2022 | BusinessWire
Jan 28, 2022
Hackers are targeting unpatched systems, supply chain networks: Report
#Ransomware
Hackers are targeting unpatched systems, supply chain networks: Report
Jan 28, 2022 | The New Indian Express
Jan 27, 2022
Ransomware groups target zero-day weakness, networks
#Ransomware
Ransomware groups target zero-day weakness, networks
Jan 27, 2022 | Tech Herald
Jan 27, 2022
Hackers Targeting Zero-Day Vulnerabilities and Supply Chain Networks: Report  Read more at: https://www.cxotoday.com/press-release/ransomware-2021-year-end-report-reveals-hackers-are-increasingly-targeting-zero-day-vulnerabilities-and-supply-chain-networks-for-maximum-impact/
#Ransomware
Hackers Targeting Zero-Day Vulnerabilities and Supply Chain Networks: Report Read more at: https://www.cxotoday.com/press-release/ransomware-2021-year-end-report-reveals-hackers-are-increasingly-targeting-zero-day-vulnerabilities-and-supply-chain-networks-for-maximum-impact/
Jan 27, 2022 | CXO Today