Cybercriminals behind Akira ransomware are exploiting SonicWall SSL VPN devices in what appears to be a zero-day attack, successfully breaching fully-patched systems. The attacks target organizations using SonicWall's VPN infrastructure, raising serious concerns about a previously unknown vulnerability.
Since the compromised devices were up-to-date with security patches, security experts suspect attackers discovered and weaponized a new flaw before SonicWall could address it. Organizations using SonicWall VPNs face immediate risk and should monitor their networks closely for suspicious activity while awaiting official patches.
Source: The Hacker News