Akira’s SonicWall Exploits Are Disrupting Large Enterprises Source: www.databreachtoday.com/akiras-so… The Akira ransomware group has found a path into large corporate networks by compromising SonicWall SSL VPN devices—hardware typically marketed to small- and medium-sized businesses. Once those firms are acquired by larger enterprises, these devices become high-value entry points for attackers. Akira began exploiting CVE-2024-40766 between September and December 2024. The flaw was also leveraged by the Fog ransomware group during the same period. A renewed wave of Akira activity surfaced this past summer, running from late July through at least September. According to Arctic Wolf, the volume and diversity of victims indicate opportunistic mass exploitation, rather than targeted attacks, with impacted organizations spanning multiple industries.
Akira’s SonicWall Exploits Are Disrupting Large Enterprises
Edward Kiledjian
@ekiledjian