CyberSecurityBoard
Sponsor Register Login

Akira ransomware exploiting critical SonicWall SSLVPN bug again

The Akira ransomware group has resumed exploiting a critical vulnerability in SonicWall SSLVPN devices, identified as CVE-2023-3519. This flaw allows attackers to bypass authentication and gain unauthorized access to vulnerable SonicWall SSLVPN appliances. Once inside, the threat actors deploy the Akira ransomware to encrypt victims' data and demand ransom payments. SonicWall has issued patches and urged users to update their systems immediately to mitigate the risk. The resurgence of attacks exploiting this vulnerability highlights the persistent threat posed by ransomware groups leveraging unpatched security flaws in widely used VPN solutions. Organizations using SonicWall SSLVPN devices should prioritize patching and implement additional security measures such as network segmentation and multi-factor authentication to reduce exposure. The Akira ransomware is known for its aggressive encryption tactics and ransom demands, making timely mitigation critical to prevent significant operational disruption and data loss. This incident underscores the importance of continuous vulnerability management and proactive defense strategies in the face of evolving ransomware threats targeting critical network infrastructure.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 11 Sep 2025 16:35:15 +0000


Cyber News related to Akira ransomware exploiting critical SonicWall SSLVPN bug again

10 Best Ransomware Protection Tools - 2025 - It protects devices from ransomware and other cyber threats using advanced threat intelligence, behavioral analysis, and cloud-based technology. It monitors and prevents ransomware assaults on personal files and automatically restores encrypted ...
9 months ago Cybersecuritynews.com
10 Best Ransomware File Decryptor Tools in 2025 - Kaspersky Rakhni Decryptor contains different decryption tools based on various versions of Rakhni ransomware and helps you decrypt encrypted files on your system. PyLocky Ransomware Decryption Tool is a free and open source developed and released by ...
8 months ago Cybersecuritynews.com
Akira ransomware exploiting critical SonicWall SSLVPN bug again - The Akira ransomware group has resumed exploiting a critical vulnerability in SonicWall SSLVPN devices, identified as CVE-2023-3519. This flaw allows attackers to bypass authentication and gain unauthorized access to vulnerable SonicWall SSLVPN ...
3 months ago Bleepingcomputer.com CVE-2023-3519 Akira ransomware group
SonicWall Firewalls Targeted by Akira Ransomware: What You Need to Know - SonicWall firewalls have recently been targeted by the Akira ransomware, marking a significant threat to network security. This ransomware exploits vulnerabilities in SonicWall devices to infiltrate corporate networks, encrypt critical data, and ...
2 months ago Cybersecuritynews.com CVE-2023-20078 Akira ransomware group
SonicWall SonicOS SSLVPN Vulnerability Actively Exploited in the Wild - The vulnerability’s exploitation underscores persistent risks in widely deployed network security appliances and highlights the tactical evolution of threat actors targeting authentication bypass mechanisms. The U.S. Cybersecurity and ...
10 months ago Cybersecuritynews.com CVE-2024-53704 CVE-2024-40766 Akira
Akira Exploits SonicWall VPNs in Broad Ransomware Campaign - A new ransomware campaign led by the Akira group is exploiting vulnerabilities in SonicWall VPN appliances to gain unauthorized access and deploy ransomware across multiple organizations. This widespread attack leverages known security flaws in ...
2 months ago Darkreading.com CVE-2021-20016 Akira
178K+ SonicWall Firewalls Vulnerable to DoS, RCE Attacks - Two unauthenticated denial-of-service vulnerabilities are threatening the security of SonicWall next-generation firewall devices, exposing more than 178,000 of them to both DoS as well as remote code execution attacks. SonicWall products affected are ...
1 year ago Darkreading.com CVE-2022-22274 CVE-2023-0656
SonicWall Firewall Authentication Bypass Vulnerability Exploited in Wild - The surge in attacks follows the public release of proof-of-concept (PoC) exploit code on February 10, 2025, by researchers at Bishop Fox, amplifying risks for organizations with unpatched devices. Security analysts attribute the rapid weaponization ...
10 months ago Cybersecuritynews.com CVE-2024-53704 Akira
The Week in Ransomware - Earlier this month, the BlackCat/ALPHV ransomware operation suffered a five-day disruption to their Tor data leak and negotiation sites, rumored to be caused by a law enforcement action. The FBI revealed this week that they hacked the BlackCat/ALPHV ...
2 years ago Bleepingcomputer.com LockBit Akira Noescape
Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks - Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks. These appliances are affected by two DoS ...
1 year ago Bleepingcomputer.com CVE-2022-22274 CVE-2023-0656
Tietoevry ransomware attack causes outages for Swedish firms, cities - Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one of its data centers in Sweden, with the attack reportedly conducted by the Akira ransomware gang. Tietoevry ...
1 year ago Bleepingcomputer.com Akira
Targeting homeowners' data - As these companies obtain a large amount of sensitive information from their customers, they become attractive targets for ransomware gangs to conduct double-extortion attacks. Finland is also warning of Akira ransomware increasingly targeting ...
1 year ago Bleepingcomputer.com LockBit Akira
Hive Ransomware: A Detailed Analysis - This past week, on January 26th, to be exact, the FBI successfully shut down the Hive ransomware group and saved victims over a hundred million dollars in ransom payments and remediation costs. As ransomware continues to be a national security threat ...
2 years ago Heimdalsecurity.com LockBit
Analyzing the SonicWall Custom Grub LUKS Encryption Modifications - During our initial analysis of a virtual machine image for the application, we discovered a customized LUKS encryption mechanism meant to hinder reverse engineering of the application. We were able to recover the LUKS decryption key by leveraging ...
2 years ago Securityboulevard.com
US energy firm shares how Akira ransomware hacked its systems - In a rare display of transparency, US energy services firm BHI Energy details how the Akira ransomware operation breached their networks and stole the data during the attack. BHI Energy, part of Westinghouse Electric Company, is a specialty ...
2 years ago Bleepingcomputer.com Akira
Ransomware victims targeted by fake hack-back offers - Some organizations victimized by the Royal and Akira ransomware gangs have been targeted by a threat actor posing as a security researcher who promised to hack back the original attacker and delete stolen victim data. Both Royal and Akira ransomware ...
1 year ago Bleepingcomputer.com Akira Qilin
The Week in Ransomware - Governments struck back this week against members of ransomware operations, imposing sanctions on one threat actor and sentencing another to prison. On Tuesday, the Australian, US, and UK governments announced sanctions against Aleksandr Gennadievich ...
1 year ago Bleepingcomputer.com LockBit BianLian Akira Cactus
Akira Ransomware Using Compromised Credentials and Public Tools in New Wave of Cyberattacks - According to their leak site, the group has compromised over 350 organizations, with victims who refuse payment seeing their data published in the dedicated “Leaks” section. The cybersecurity landscape faces a mounting threat as the Akira ...
8 months ago Cybersecuritynews.com Akira
Ransomware in 2023 recap: 5 key takeaways - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. While some ransomware trends hardly changed over the last year, such as LockBit's continued dominance, ransomware criminals also challenged ...
1 year ago Malwarebytes.com Scattered Spider LockBit
LockBit takedown surges Akira Ransomware Attacks - Following the takedown of the LockBit Ransomware group's website in 'Operation Cronos' by law enforcement agencies, there has been a notable surge in the activity of the Akira Ransomware group in recent weeks. This rise has been particularly ...
1 year ago Cybersecurity-insiders.com LockBit Akira Ra group
SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider - PRESS RELEASE. MILPITAS, Calif. - January 3, 2024 - SonicWall, a global cybersecurity leader, today announced the acquisition of Banyan Security, a leading provider of security service edge solutions for the modern workforce. This acquisition ...
1 year ago Darkreading.com
Ransomware Roundup - The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. This edition of the Ransomware Roundup covers the 8base ransomware. 8base ...
1 year ago Feeds.fortinet.com 8base
Medusa Ransomware Turning Your Files into Stone - Unit 42 Threat Intelligence analysts have noticed an escalation in Medusa ransomware activities and a shift in tactics toward extortion, characterized by the introduction in early 2023 of their dedicated leak site called the Medusa Blog. The Unit 42 ...
1 year ago Unit42.paloaltonetworks.com Medusa
The Top 10 Ransomware Groups of 2023 - This article takes an in-depth look at the rise in ransomware attacks over the past year and the criminal groups driving the surge in cyber extortion. LockBit has established itself as one of the most notorious ransomware operations since emerging on ...
1 year ago Securityboulevard.com TA505 8base LockBit BianLian Medusa Noescape Black Basta
Akira ransomware breaching MFA-protected SonicWall VPN accounts - The Akira ransomware group has been actively targeting SonicWall VPN accounts, even those protected by multi-factor authentication (MFA). This alarming development highlights the evolving tactics of ransomware operators who are bypassing traditional ...
2 months ago Bleepingcomputer.com Akira ransomware group

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)