The Akira ransomware gang is actively exploiting the CVE-2024-40766 vulnerability in SonicWall devices to conduct attacks, primarily targeting unpatched SSL VPN endpoints. Cybersecurity agencies emphasize immediate patching, password resets, and MFA implementation to mitigate these threats. #CVE202440766 #AkiraRansomware
Keypoints
- The Akira ransomware group is exploiting CVE-2024-40766 to attack SonicWall devices.
- SonicWall released a patch last year, but many systems remain unpatched or improperly remediated.
- Threat actors are leveraging default permissions and broad access to authenticate via VPN.
- Organizations in Australia are warned about a surge in these exploitations by the ACSC.
- Security experts advise updating firmware, rotating passwords, and enforcing MFA for protection.