SonicWall, a cybersecurity company, saw enterprise networks breached by Fog and Akira ransomware exploiting the VPN vulnerability CVE-2024-40766. The critical flaw led to unauthorized access and potential firewall crashes, impacting Gen 5, 6, and early Gen 7 devices. Despite patches being released, ongoing intrusions via unpatched SSL VPNs have led to a rise in ransomware attacks since August 2024. The vulnerability allowed a rapid pivot from initial access to ransom activities, with a timeline as short as 1.5 hours. The targeted ransomware attacks demonstrate the urgency of applying security updates to prevent severe repercussions, including loss of resources and compromised data.
Source: https://securityaffairs.com/170359/cyber-crime/fog-akira-ransomware-sonicwall-vpn-flaw.html
TPRM report: https://scoringcyber.rankiteo.com/company/SonicWall
{
  "id": "son000103024",
  "linkid": "SonicWall",
  "type": "Ransomware",
  "date": "10/2024",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization’s existence"
}
{'affected_entities': [{'industry': 'Technology',
                        'name': 'SonicWall',
                        'type': 'Cybersecurity Company'}],
 'attack_vector': 'VPN vulnerability',
 'description': 'SonicWall, a cybersecurity company, experienced breaches into '
                'enterprise networks through Fog and Akira ransomware '
                'exploiting the VPN vulnerability CVE-2024-40766. The critical '
                'flaw led to unauthorized access and potential firewall '
                'crashes, impacting Gen 5, 6, and early Gen 7 devices. Despite '
                'patches being released, ongoing intrusions via unpatched SSL '
                'VPNs have led to a rise in ransomware attacks since August '
                '2024. The vulnerability allowed a rapid pivot from initial '
                'access to ransom activities, with a timeline as short as 1.5 '
                'hours. The targeted ransomware attacks demonstrate the '
                'urgency of applying security updates to prevent severe '
                'repercussions, including loss of resources and compromised '
                'data.',
 'impact': {'systems_affected': 'Gen 5, 6, and early Gen 7 devices'},
 'initial_access_broker': {'entry_point': 'VPN vulnerability'},
 'lessons_learned': 'The urgency of applying security updates to prevent '
                    'severe repercussions, including loss of resources and '
                    'compromised data.',
 'motivation': 'Financial gain through ransomware attacks',
 'post_incident_analysis': {'corrective_actions': 'Patching the vulnerability',
                            'root_causes': 'Vulnerability CVE-2024-40766'},
 'ransomware': {'ransomware_strain': ['Fog', 'Akira']},
 'recommendations': 'Apply security updates promptly to prevent ransomware '
                    'attacks.',
 'title': 'SonicWall Ransomware Attacks via VPN Vulnerability',
 'type': 'Ransomware',
 'vulnerability_exploited': 'CVE-2024-40766'}