SonicWall’s Zero-Day Drama: Akira Ransomware Strikes Again!
SonicWall suspects a zero-day vulnerability due to a spike in Akira ransomware attacks on Gen 7 firewalls with SSLVPN enabled. Despite fully patched devices, intrusions persist, hinting at a new flaw rather than just bad passwords. SonicWall is on high alert, suggesting users disable SSLVPN until further notice.
Hot Take:
When your firewall needs a firewall, you know it’s time for an upgrade—or maybe just a good old exorcism. SonicWall’s Gen 7 could use both after Akira ransomware’s latest joyride through their SSLVPNs. It’s like the gift that keeps on giving, except it’s ransomware, so it’s not exactly the kind of gift you’d want. Stay tuned as SonicWall plays detective to find out if they’re dealing with a zero-day or just another Tuesday.
Key Points:
- SonicWall investigates potential zero-day due to Akira ransomware attacks on Gen 7 firewalls.
- Arctic Wolf Labs suggests a possible zero-day vulnerability in SonicWall VPNs.
- Ransomware groups exploit VPNs using VPS hosting for logins.
- Organizations advised to disable SonicWall SSL VPN service until a patch is available.
- Mitigations include enabling Botnet Protection, enforcing MFA, and restricting VPN access.
Already a member? Log in here