Ransomware, Network Security, Patch/Configuration Management, Vulnerability Management

Akira ransomware exploiting critical SonicWall SonicOS bug

Share

Akira ransomware operation has been disclosed by Arctic Wolf researchers to have launched attacks exploiting the critical SonicWall SonicOS access control vulnerability, tracked as CVE-2024-40766,BleepingComputer reports.

Such a development comes just after organizations with SonicWall Firewall Gen 5, Gen 6, and Gen 7 devices were advised by SonicWall to immediately apply issued fixes amid potential in-the-wild exploitation of the flaw, which also affects firewalls' SSLVPN functionality. Additional details regarding the abuse of the security issue were not provided. However, SonicWall urged firewall management and SSLVPN access restrictions, as well as WAN management portal internet access deactivation as mitigations. While only SSLVPN users with local accounts on Gen 5 and Gen 6 devices were recommended to promptly update their credentials, multi-factor authentication has been urged for all SSLVPN users. Attacks leveraging the SonicOS vulnerability follow more than a year after vulnerable SonicWall Secure Mobile Access devices were targeted in a malware attack by Chinese state-sponsored hacking group UNC4540.

Akira ransomware exploiting critical SonicWall SonicOS bug

Such a development comes just after organizations with SonicWall Firewall Gen 5, Gen 6, and Gen 7 devices were advised by SonicWall to immediately apply issued fixes amid potential in-the-wild exploitation of the flaw, which also affects firewalls' SSLVPN functionality.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.