Akira Ransomware Strikes Again: SonicWall MFA Tampered Despite Updates!
SonicWall SSL VPN devices face ongoing Akira ransomware attacks, with threat actors bypassing OTP MFA. Despite patches for CVE-2024-40766, attackers exploit stolen credentials. Admins must reset VPN credentials and update firmware, as crafty cybercriminals continue to turn security into a laughingstock, proving that in the world of cybercrime, persistence is key.
Hot Take:
Ransomware actors just won’t take a hint! Despite SonicWall’s best efforts to patch things up, Akira ransomware attackers are slipping through the cracks like your ex sliding into your DMs. They’re dodging multi-factor authentication like it’s a high school reunion and sidestepping security updates as if they were gym memberships. It’s time to change those passwords, folks, because Akira’s not just playing tag; they’re winning!
Key Points:
– Akira ransomware is exploiting SonicWall SSL VPNs despite MFA.
– The attacks are linked to CVE-2024-40766, an improper access control flaw.
– Attackers are using stolen credentials even after devices are patched.
– OTP MFA is being bypassed, possibly due to compromised seeds.
– Resetting VPN credentials and updating SonicOS is crucial.