×
ItalianoEnglish
Set as default language

Grandangolo Communications

  • Home
  • Company
  • Services
    • Public Relation
    • Digital PR
    • Marketing
    • Lead Generation
    • Events
  • Best Practice
  • Customer Press Room
  • Contacts
  • Languages
  • Home
  • Customer Press Room
  • Ivanti
  • Ivanti's Q1 2022 Ransomware Report finds a 7.6% increase in vulnerabilities associated with ransomware attacks and a worrying escalation in the Conti group's activities

Customer Press Room

Ivanti's Q1 2022 Ransomware Report finds a 7.6% increase in vulnerabilities associated with ransomware attacks and a worrying escalation in the Conti group's activities

by Grandangolo Communications / Wednesday, 18 May 2022 / Published in Ivanti

The report also highlights the 7.5% increase in APT groups linked to ransomware, the 6.8% increase in the most exploited and trending vulnerabilities, and the 2.5% growth in ransomware types

Ivanti Inc., provider of the Neurons automation platform that detects, manages, protects and supports IT assets from the cloud to the edge, presents the results of the first quarter 2022 Ransomware Index report created with Cyber ​​Security Works, Certifying Numbering Authority (CNA) and Cyware, leading provider of the technological platform for the design of Cyber ​​Fusion Centers. The report recorded a 7.6% increase in the number of vulnerabilities associated with ransomware in the first quarter of 2022, the majority of which are exploited by the Conti ransomware group. The investigation identified 22 new ransomware-related vulnerabilities (bringing the total to 310) and linked 19 of them to the Conti group, which claims to support the Russian government after the invasion of Ukraine.

The report identified a 7.5% increase in APT groups involved in ransomware, a 6.8% increase in most exploited vulnerabilities and a 2.5% growth in ransomware types. Analyzing the data in detail, three new APT groups emerge (Exotic Lily, APT 35, DEV-0401) that have used ransomware as an attack vector for their targets, 10 new active and trending vulnerabilities that have been associated with ransomware (bringing the total to 157) and four new types of ransomware (AvosLocker, Karma, BlackCat, Night Sky) that have become dangerous in the first quarter of 2022.

Additionally, the investigation shows the speed with which ransomware groups have continued to exploit vulnerabilities, focusing on those with the greatest impact and disruption. Hackers took advantage of the vulnerabilities by acting within eight days of the release of individual patches, reaffirming that a minimal delay in the preparation of security measures by vendors and partners allows ransomware groups to infiltrate networks. Even the most popular antiviruses fail to detect some ransomware-related vulnerabilities, specifically over 3.5%, exposing organizations to serious risks.

Aaron Sandeen, CEO of Cyber Security Work said: "The inability of antivirus solutions to detect ransomware-related vulnerabilities is a major problem and our experts constantly monitor these types of attacks in every research. The good news is that the number has decreased in the first quarter, demonstrating that security vendors are managing the problem better. We still find 11 ransomware vulnerabilities that have not been fixed, five of which are classified as critical and associated with ransomware groups such as Ryuk, Petya and Locky."

An additional obstacle for IT teams is related to gaps in the National Vulnerability Database (NVD), the MITER Corporation's Common Attack Pattern Enumeration and Classification (CAPEC) list, and the US Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEVs) registry. The report found that the NVD lacks CWE (Common Weakness Enumerations) for 61 vulnerabilities, while the CAPEC list lacks CWE for 87 vulnerabilities. On average, a vulnerability is added to the NVD one week after being discovered by the vendor. Additionally, 169 ransomware vulnerabilities are not yet on CISA's KEV list, while hackers are identifying 100 of these vulnerabilities, searching organizations for an unprotected application to exploit.

Srinivas Mukkamala, Senior VP & General Manager of Security Products at Ivanti states, "Attackers are increasingly exploiting weaknesses in cyber hygiene, including the management of legacy processes. Today, security and IT teams struggle to identify risks related to vulnerabilities, misprioritizing which ones need fixing. For example, many only apply patches to new vulnerabilities or those disclosed in the NVD, while others only use the Common Vulnerability Scoring System (CVSS) to score and prioritize vulnerabilities. To best protect businesses, internal teams must adopt a vulnerability management approach risk-based vulnerability, to implement AI technology capable of identifying vulnerabilities and threats, providing early warnings, predicting possible attacks and assigning the right priority to remediation activities".

The report also analyzed 56 vendors of healthcare applications, medical devices and hardware used in hospitals and care centers, finding 624 new vulnerabilities in their programs. Forty of these have public exploits, and two (CVE-2020-0601 and CVE-2021-34527) have been associated with four ransomware groups (BigBossHorse, Cerber, Conti, and Vice Society). This data could indicate an increase in ransomware attacks in the coming months.

Anuj Goel, co-founder and CEO of Cyware, underlines: "Today, ransomware is one of the most widespread attack vectors, directly impacting the profits of companies globally, as indicated by the report which also highlights the increase in ATPs that exploit ransomware. However, security teams, which receive multiple information from different sources, should have complete visibility of threats, integrating patching and vulnerability response with centralized management of all data, ensuring collection, correlation and security actions to be taken."

The Ransomware Index Spotlight report is based on data collected from multiple sources, including data owned by Ivanti and CSW, public threat databases, as well as attack researchers and attack testing teams. For details on the complete report see link.

Tagged under: Conti, ivanti, ransomware

About Grandangolo Communications

What you can read next

The study on the global economic impact shows that Ivanti's Neurons for Unified Endpoint Management solutions ensure an ROI of 261%
According to a recent study by Ivanti, 71% of security IT managers consider the patching process too complex and time-consuming to manage
Ivanti Named a Leader in the Gartner® Magic Quadrant ™ for Unified Endpoint Management Tools in 2022

Customer Press Room

  • Arrow Electronics has been awarded by Equinix as Distributor of the Year 2025 for the EMEA region

    Arrow Electronics, a global supplier of technology...
  • SentinelOne makes the Purple AI Agentic Investigation solution available to all customers, bringing the latest generation AI directly into the SOC

    The investigations, started autonomously and without need...
  • Acronis TRU reveals the ongoing evolution of the INC ransomware group

    A recent report published by Acronis Threat ...
  • ESET Research investigates the Gentlemen ransomware author group and its defense evasion tools

    The Gentlemen Group develops, maintains and supplies...
  • Imprivata presents the Agentic Identity Management solution to protect and govern the access of AI agents

    Imprivata, a leading company in Ac...

Archives

  • June 2026
  • May 2026
  • April 2026
  • March 2026
  • February 2026
  • January 2026
  • December 2025
  • November 2025
  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • April 2025
  • March 2025
  • February 2025
  • January 2025
  • December 2024
  • November 2024
  • October 2024
  • September 2024
  • August 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
  • February 2024
  • January 2024
  • December 2023
  • November 2023
  • October 2023
  • September 2023
  • August 2023
  • July 2023
  • June 2023
  • May 2023
  • April 2023
  • March 2023
  • February 2023
  • January 2023
  • December 2022
  • November 2022
  • October 2022
  • September 2022
  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • February 2022
  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018

Categories

  • A10
  • Abstract
  • abstract
  • Acronis
  • Ally Consulting
  • Arrow
  • Arrow Electronics
  • Axiante
  • Babel
  • Computer Center
  • Cohesity
  • Italy Cloud Consortium
  • Consys
  • D-Link
  • Eset
  • G.B. Service
  • Habble
  • HiSolution
  • HYCU
  • Icos
  • Imprivate
  • Information Tecnology
  • Innovaway
  • Ivanti
  • Link11
  • MobileIron
  • Netalia
  • Nethive
  • Nexthink
  • Nuvis
  • Praim
  • QAD
  • Qualys
  • Red Hot Cyber
  • Riverbed
  • Saviynt
  • Sensormatic
  • SentinelOne
  • Talent Software
  • Vectra
  • Vectra AI
  • Vertiv

Office printing, digital PR, marketing, lead generation: all projects are born from our passion and expertise, with an inevitable touch of creativity and innovation.

COMPANY

Grandangolo Communications Srl
Via Sardegna 19
20146 Milano
Telephone +39 335 8283393
info@grandangolo.it

I SERVIZI

  • Home
  • Company
  • Services
  • Best Practice
  • Customer Press Room
  • Contacts
  • Languages

CONTACTS

  • Contacts
  • Cookie policy
  • Privacy policy

© 2019 GRANDANGOLO COMMUNICATIONS SRL | P.IVA IT 06394850967 | All rights reserveD.

Powered by Webpowerplus

TOP