CyberSecurity news

FlagThis

@securityonline.info //

Akira Ransomware Continuously Evolving and Targeting Vulnerable Systems


Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • malware.news: This article details the vulnerabilities exploited by Akira ransomware affiliates, including SonicWall SonicOS, Cisco ASA/FTD, and FortiClientEMS.
  • Cisco Talos Blog: Talos Intelligence delves into the evolving tactics, techniques, and procedures (TTPs) employed by Akira ransomware operators.
  • www.veeam.com: Veeam's knowledge base article provides information about vulnerabilities that could be exploited by threat actors.
  • www.cisa.gov: Akira ransomware affiliates have been observed targeting network appliances vulnerable to CVE-2024-40766
  • www.cisco.com: This ongoing development makes Akira a persistent threat to both Windows and Linux-based enterprise environments.
  • www.microsoft.com: This Microsoft blog post discusses the exploitation of ESXi hypervisor vulnerabilities by ransomware groups, which is a tactic also used by Akira.
  • nvd.nist.gov: Most recently, Akira ransomware affiliates have been observed targeting network appliances vulnerable to , an exploit in the SonicWall SonicOS facilitating remote code execution on the vulnerable device.
  • umbrella.cisco.com: Most recently, Akira ransomware affiliates have been observed targeting network appliances vulnerable to , an exploit in the SonicWall SonicOS facilitating remote code execution on the vulnerable device.
  • securityonline.info: Securityonline article discussing Akira's exploitation of CVE-2024-40766.
  • www.cisa.gov: CISA Known Exploited Vulnerabilities Catalog
  • infosec.exchange: Cisco Talos researchers James Nutland & Michael Szeliga write about Akira ransomware evolution. Most recently, they have observed a potential shift back to previous encryption methods, in conjunction with data theft extortion tactics.
  • ciso2ciso.com: Akira ransomware is encrypting victims again following pure extortion fling – Source: go.theregister.com
  • social.skynetcloud.site: Akira ransomware is encrypting victims again following pure extortion fling – Source: go.theregister.com
  • Arctic Wolf: Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN
  • malware.news: Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN
Classification: