CISA to Flag Vulnerabilities & Misconfigurations Exploited


Ransomware attacks have grown to be a serious concern for businesses of all sizes, with the potential to seriously harm the operations, finances, and reputation of the targeted enterprises.

Many ransomware operators utilize flaws or known common vulnerabilities and exposures (CVE). Additionally, many businesses might not be aware that a ransomware threat actor is using a weakness in their network.

 As mandated by the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) of 2022, the Cybersecurity and Infrastructure Security Agency (CISA) launched the Ransomware Vulnerability Warning Pilot (RVWP) in January 2023 to assist organizations in overcoming this possible blind hole.

“Through the RVWP, CISA determines vulnerabilities that are commonly associated with known ransomware exploitation and warns critical infrastructure entities of those vulnerabilities, helping to enable mitigation before a ransomware incident occurs,” CISA said.

Document

FREE Demo

Implementing AI-Powered Email security solutions “Trustifi” can secure your business from today’s most dangerous email threats, such as Email Tracking, Blocking, Modifying, Phishing, Account Take Over, Business Email Compromise, Malware & Ransomware


New Resources Added To The RVWP

Currently, the agency has made two new resources available through the RVWP to assist businesses in locating and removing security flaws known to be abused by ransomware operators.

A new column named “known to be used in ransomware campaigns” has been added to the known exploited vulnerabilities (KEV) catalog. 

This column shows if CISA knows that a vulnerability has been linked to ransomware for current vulnerabilities and any future vulnerabilities to be added to the catalog.

In addition, CISA has created a second new RVWP resource that acts as a companion list of misconfigurations and security flaws that have been known to be leveraged in ransomware operations.

This list will assist organizations in swiftly identifying the services that ransomware threat actors are known to utilize, enabling them to put mitigation or compensation policies in place.

Over 800 susceptible devices with internet-accessible vulnerabilities frequently linked to well-known ransomware operations have received alerts from CISA’s RVWP.

“To identify these systems, we use existing services, data sources, technologies, and authorities, including our free cyber hygiene vulnerability scanning service,” CISA explains.

The RVWP has helped all key infrastructure sectors, including the Education Facilities subsector, particularly the Energy, Healthcare and Public Health, Water and Wastewater Systems sectors.

Organizations who enroll in CISA’s vulnerability scanning service receive faster and more targeted notifications – and it’s free for any organization in the United States.

Hence, to immediately minimize their chance of being affected by ransomware, CISA urges all organizations to check the updated KEV catalog and list of misconfigurations and vulnerabilities.

Protect yourself from vulnerabilities using Patch Manager Plus to patch over 850 third-party applications quickly. Take advantage of the free trial to ensure 100% security.



Source link