Ransomware Roulette: Are Your Favorite Vendors Dropping the Ball on Security?

Ransomware criminals are tuning into the Known Exploited Vulnerability (KEV) catalog like it’s their favorite true crime podcast. Researchers found 28% of vulnerabilities in CISA’s list were exploited in 2024. But don’t worry, those old ISP routers are still getting all the attention too. It’s a hacker’s nostalgia trip!

3P
Published: February 28, 2025 7:10 pmAdded: February 28, 2025 at 11:31 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Who would have thought a government catalog meant to help protect us from cyber threats would double as a shopping list for ransomware attackers? It’s like handing burglars a blueprint to your house, and then being surprised when they come knocking! Maybe next year, instead of a “Known Exploited Vulnerability” list, CISA should publish a “Don’t Try This at Home” guide.

Key Points:

  • 28% of bugs in CISA’s Known Exploited Vulnerability (KEV) catalog were used in ransomware attacks in 2024.
  • CLEO Harmony and Progress’s Kemp LoadMaster are notable examples of vulnerabilities exploited before being added to KEV.
  • Home router vulnerabilities, some over a decade old, were heavily targeted for exploits in 2024.
  • GreyNoise criticized vendors like Ivanti, D-Link, and VMware for poor vulnerability management.
  • Older vulnerabilities are still being monetized through sophisticated automation by attackers.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?