"Vulnerabilities Now Top Initial Access Route For Ransomware"

Corvus Insurance recently did a study and found that threat actors are switching tactics to compromise their victims with ransomware, with more attacks now exploiting vulnerabilities rather than using phishing emails.  The insurer analyzed claims data from this year to better understand threat actor activity.  The insurer claimed that vulnerability exploitation rose as an initial access method from nearly 0% of ransomware claims in H2 2022 to almost a third in the first half of 2023.  Corvus also highlighted exposed cryptographic keys as another increasingly popular way for threat actors to compromise organizations.  The insurer claimed that 7% of organizations it studied had at least one exposed secret, with the most common being Google API keys, JSON web tokens, Shopify domain keys, and keys for AWS S3 buckets.

Infosecurity reports: "Vulnerabilities Now Top Initial Access Route For Ransomware"