3 Ransomware Precursors Laid Bare in a Cyber Truth or Dare
Recently, with my vulnerability researcher hat on, I was thrilled to get confirmation that three serious security vulnerabilities had been used as initial access vectors in ransomware attacks. Of course, I was not gleeful or happy that this had happened to the victims, far from it, but what excited me was that I happened to know an antidote for these particular attacks and many like them. Neither was my elation due to the fact that each of the vulnerabilities is on the CISA Known Exploited Vulnerabilities Catalog (KEV), which Jussi Eronen brought up in his earlier post on exposure assessment. What pushed my buttons was that post-mortem analyses of three ransomware attacks had revealed the root cause for each incident to be the exploitation of a publicly exposed known vulnerability. In other words, the incident responders had discovered the smoking guns, plural. To put it bluntly, each incident could have been avoided had the service not been directly exposed to the Internet in the first place.