Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?
SonicWall’s Big Oops: Akira Ransomware Exploits Critical Firewall Flaw
Akira ransomware affiliates are exploiting a critical RCE vulnerability in SonicWall firewalls, prompting CISA to add CVE-2024-40766 to its KEV catalog. This bug in SonicOS allows attackers to gain control of affected devices. SonicWall urges immediate updates and recommends MFA for SSLVPN users to prevent…
Hot Take:
***Looks like hackers have found yet another way to crash the party, and this time they’re coming through the firewall. If SonicWall devices were bouncers, they’d be letting everyone in without checking IDs.***
Key Points:
– SonicWall disclosed and patched a critical RCE vulnerability in Gen 5, Gen 6, and some Gen 7 firewall products.
– CISA added the vulnerability (CVE-2024-40766) to its KEV catalog and set a deadline for FCEB agencies to address it.
– The vulnerability allows attackers to gain complete control of affected devices and possibly crash them.
– Akira ransomware affiliates have been exploiting the vulnerability, targeting local SSLVPN accounts.
– SonicWall recommends immediate updates, limiting management functions to trusted sources, and enabling MFA.
Already a member? Log in here