Akira Ransomware Exploits Unpatched SonicWall VPNs
🚨 The Australian Cyber Security Centre has observed increased exploitation of SonicWall SSL VPNs by the Akira ransomware group, leveraging CVE-2024-40766. The vulnerability, patched over a year ago, affects SonicWall Gen 5 and Gen 6 appliances and Gen 7 devices running SonicOS 7.0.1-5035 and earlier. Organisations remain at risk if they did not both install firmware updates and immediately rotate administrative credentials after migration. Security vendors Rapid7 and Recorded Future report automated intrusions tied to this issue; operators are advised to patch, reset passwords, restrict VPN access and enable robust MFA.
