Fog and Akira Ransomware Spread Through SonicWall VPN Vulnerability - #CVE-2024-40766
A critical vulnerability, CVE-2024-40766, in SonicWall SonicOS firewalls and SSL VPN features has been aggressively targeted by ransomware groups such as Akira and Fog since August 2024. This flaw, which affects Gen 5, Gen 6, and Gen 7 devices, has led to numerous attacks on various industries, often exploiting instances where multi-factor authentication (MFA) was disabled. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has included this vulnerability in its Known Exploited Vulnerabilities catalog, mandating that federal agencies patch or discontinue affected systems by September 30. SonicWall has released patches to address the issue, and security experts recommend users upgrade their firmware, enable MFA, and restrict access to trusted sources. Despite these efforts, attacks continue to escalate, showcasing the adaptability and organization of modern cybercriminal groups and the urgency of maintaining up-to-date security measures.