15 March 2023

CISA announces ransomware vulnerability warning pilot program


CISA announces ransomware vulnerability warning pilot program

The US Cybersecurity and Infrastructure Security Agency has launched the Ransomware Vulnerability Warning Pilot (RVWP) program that will proactively track common vulnerabilities being exploited by ransomware gangs, and warn exposed critical infrastructure entities of the risks to help them mitigate the threat before a cyberattack occurs.

The anti-ransomware project started out by alerting 93 organizations open to the Microsoft Exchange Service “ProxyNotShell” vulnerability that has been observed being exploited by operators of the Play and Cuba ransomware. As of January 2023, there were nearly 60,000 Exchange Server instances still vulnerable to the ProxyNotShell flaws.

“Ransomware attacks continue to cause untenable levels of harm to organizations across the country, including target rich, resource poor entities like many school districts and hospitals” said Eric Goldstein, Executive Assistant Director for Cybersecurity, CISA. “The RVWP will allow CISA to provide timely and actionable information that will directly reduce the prevalence of damaging ransomware incidents affecting American organizations.”

Back to the list

Latest Posts

Cyber Security Week In Review: December 1, 2023

Cyber Security Week In Review: December 1, 2023

The world in brief: Apple, Google fix WebKit, Chrome zero-days, Qlik Sense bugs exploited by Cactus ransomware, and more.
1 December 2023
New GoTitan botnet exploits recently patched Apache ActiveMQ flaw

New GoTitan botnet exploits recently patched Apache ActiveMQ flaw

GoTitan is designed for launching DDoS attacks via protocols such as HTTP, UDP, TCP, and TLS.
30 November 2023
US sanctions Sindbad crypto mixer allegedly used by North Korea’s Lazarus hackers

US sanctions Sindbad crypto mixer allegedly used by North Korea’s Lazarus hackers

The authorities described the service as “a key money-laundering tool” of Lazarus.
30 November 2023