"Ransomware Groups Continue to Leverage Old Vulnerabilities"

A new report from Cyber Security Works (CSW) says researchers observed ransomware groups exploiting vulnerabilities that were several years old. The discovery highlights a continuing trend in which threat actors target known vulnerabilities and trusted attack methods rather than using and developing new ones. The report is based on ransomware and vulnerability data from multiple threat intelligence feeds and risk analyses. According to the report, there has been a 7.6 percent increase in vulnerabilities related to ransomware since January 2022. The researchers found that 11 of the 22 newly added ransomware-associated vulnerabilities were initially disclosed in 2019, thus showing that ransomware groups are on the lookout for vulnerabilities with pre-existing mechanisms of exploitation. The findings of the Health Sector Cybersecurity Coordination Center's (HC3) Q1 2022 report are consistent with that of the CSW researchers. HC3 also observed threat actors using legitimate tools and existing weaknesses to exploit victims instead of developing custom malware. Threat actors have been seen favoring file transfer, remote access, and encryption tools in the infiltration of target organizations. This article continues to discuss ransomware groups increasingly going after old vulnerabilities and using tried-and-true attack techniques to exploit victims and the importance of healthcare providers being extremely vigilant in their cybersecurity posture. 

HealthITSecurity reports "Ransomware Groups Continue to Leverage Old Vulnerabilities"