"Study Finds Ransomware, Zero-Day Vulnerabilities Are on the Rise"

According to a new report from the cybersecurity solutions provider Fortinet, the number of new ransomware variants nearly doubled in the first half of 2022, and attackers are increasingly leveraging zero-day vulnerabilities. The company's FortiGuard Labs Threat Landscape report for the first half of 2022 reveals that there were 10,666 new ransomware variants observed, compared to just 5,400 in the second half of 2021. Ransomware groups are using subscription-based models, similar to how cloud-based software and services are consumed today, to make a quick profit. In addition to a surge in destructive malware and operational technology vulnerabilities remaining prime targets for attackers, Fortinet's report predicts that 2022 will be another record year for zero-day vulnerabilities, with 72 zero-days discovered in the first half of the year. From the beginning of 2020 to the end of 2022, the average number of zero-day bugs published by Fortinet every six months increased steadily, with others reporting similar trends. More than two-thirds of the flaws discovered in 2021 were related to popular and well-known vulnerability classes, such as memory corruption issues, with the remainder primarily stemming from logic and design flaws. The report also mentions Log4Shell, claiming that the vulnerability was the most exploited in the first half of 2022. Although exploits have not reached the expected levels, advanced threat actors are using them to target US government systems. Fortinet says the bug will be in its top charts for a long time, citing a Cyber Safety Review Board report that suggests Log4Shell will remain an endemic vulnerability for years. This article continues to discuss key findings shared in Fortinet's recent Global Threat Landscape Report. 

Campus Safety reports "Study Finds Ransomware, Zero-Day Vulnerabilities Are on the Rise"