{"id":24468248,"url":"https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix","last_synced_at":"2025-10-01T23:31:40.720Z","repository":{"id":260076213,"uuid":"878093361","full_name":"BushidoUK/Ransomware-Vulnerability-Matrix","owner":"BushidoUK","description":"A collection of CVEs weaponized by ransomware operators","archived":false,"fork":false,"pushed_at":"2025-01-04T11:36:59.000Z","size":157,"stargazers_count":99,"open_issues_count":0,"forks_count":12,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-01-04T12:36:35.861Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BushidoUK.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-24T19:11:42.000Z","updated_at":"2025-01-04T11:37:01.000Z","dependencies_parsed_at":"2024-11-20T00:31:05.433Z","dependency_job_id":null,"html_url":"https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix","commit_stats":null,"previous_names":["bushidouk/ransomware-vulnerability-matrix"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BushidoUK%2FRansomware-Vulnerability-Matrix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BushidoUK%2FRansomware-Vulnerability-Matrix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BushidoUK%2FRansomware-Vulnerability-Matrix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BushidoUK%2FRansomware-Vulnerability-Matrix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BushidoUK","download_url":"https://codeload.github.com/BushidoUK/Ransomware-Vulnerability-Matrix/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234909102,"owners_count":18905505,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-01-21T07:02:30.473Z","updated_at":"2025-10-01T23:31:35.453Z","avatar_url":"https://github.com/BushidoUK.png","language":null,"readme":"\u003cimg src=\"https://github.com/user-attachments/assets/e63e7601-13c3-40c0-b853-a69039fb7d6d\" width=\"350\" /\u003e\n\n# Ransomware Vulnerability Matrix\n\u003e [!IMPORTANT]\n\u003e - This is a collection of OSINT reports of CVEs being weaponized by various ransomware adversaries, which have been broken down below\n\u003e - This repository has leveraged [resources](https://www.bleepingcomputer.com/news/security/researchers-compile-list-of-vulnerabilities-abused-by-ransomware-gangs/) of researchers shared in the past\n\u003e - This project, however, has provided additional information such as specifying which ransomware gangs have used the vulnerabilities as well as sources for independent verification\n\u003e - This Matrix was created as a public knowledge base to be used by CTI analysts researching ransomware groups, TVM teams seeking to prioritise patching, and DFIR teams looking to assess a ransomware victim's exposure\n\u003e - This project is similar to another collection I created called the [Ransomware Tool Matrix](https://github.com/BushidoUK/Ransomware-Tool-Matrix)\n\n---\n\n### Categories of Vulnerable Technologies\n- [Network Edge](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/NetworkEdge.md)\n- [Microsoft Products](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/Microsoft.md)\n- [Linux Components](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/Linux.md)\n- [Applications](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/Applications.md)\n- [Virtualization](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/Virtualization.md)\n- [File Transfer Servers](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/Vulnerabilities/FileTransferServers.md)\n\n---\n### Additional Resources\n- [Threat Group Profiles](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/tree/main/GroupProfiles)\n\n---\n\n### Types of Ransomware Adversaries\n\u003e [!TIP]\n\u003e This repo also contains multiple types of Ransomware adversaries, this includes the ransomware gangs themselves, affiliates, and initial access brokers\n\u003e - **Rasnomware Gangs:** In this repo, a vulnerability is associated with a ransomware gang, meaning that the vulnerability was observed exploited in an intrusion which resulted in the deployment of that ransomware family\n\u003e - **Affiliates:** A threat group in this repo with an asterisk at the end (e.g. Scattered Spider*), means it is a ransomware affiliate, which has access to one or more ransomware families\n\u003e - **Initial Access Brokers:** A threat group in this repo with an asterisk at the start (e.g. *Prophet Spider), means it is an Initial Access Broker (IAB), which sells access to one or more ransomware gangs\n\u003e - **State-sponsored:** A threat group in this repo with a plus sign at the end (e.g. DarkBit+), means it is a suspected state-sponosored adversary using ransomware, such as those from Iran, DPRK, Russia, or China\n\n---\n\n- [How To Contribute](https://github.com/BushidoUK/Ransomware-Vulnerability-Matrix/blob/main/HowToContribute.md)\n\n- [Ransomware.live Integration](https://ransomware.live/vulns)\n","funding_links":[],"categories":["🔭  Observing Ransomware Groups and Attacks"],"sub_categories":["✨  Other"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBushidoUK%2FRansomware-Vulnerability-Matrix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBushidoUK%2FRansomware-Vulnerability-Matrix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBushidoUK%2FRansomware-Vulnerability-Matrix/lists"}