Multiple cybersecurity firms have warned about ransomware gangs exploiting a potential zero-day vulnerability in SonicWall devices, especially targeting SSL VPNs. These attacks have impacted numerous organizations, with indications of unauthorized access and ransomware deployment. #SonicWall #AkiraRansomware
Keypoints
- The attacks involve exploitation of a suspected zero-day vulnerability in SonicWall firewalls.
- Multiple incident response teams, including Arctic Wolf and Huntress, have documented numerous incidents since July.
- Threat actors are using the Akira ransomware to gain initial access to SonicWall VPNs.
- Organizations are advised to disable SonicWall SSL VPN services until a security patch is released.
- Even fully patched devices have been affected, suggesting the presence of a new, unknown vulnerability.
Read More: https://therecord.media/sonicwall-possible-zero-day-gen-7-firewalls-ssl-vpn