Security News > 2023 > September > The Week in Ransomware - September 8th 2023 - Conti Indictments
It started as a slow ransomware news week but slowly picked up pace with the Department of Justice announcing indictments on TrickBot and Conti operations members.
In other news, Cisco confirmed that ransomware gangs are exploiting a zero-day in Cisco VPN appliances after BleepingComputer's, SentinelOnes, and Rapid7's reporting on its abuse by the Akira ransomware operation.
Multiple Foreign Nationals Charged in Connection with Trickbot Malware and Conti Ransomware Conspiracies September 8th 2023 Cisco warns of VPN zero-day exploited by ransomware gangs.
Cisco is warning of a CVE-2023-20269 zero-day vulnerability in its Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense that is actively exploited by ransomware operations to gain initial access to corporate networks.
Cisco warns of VPN zero-day exploited by ransomware gangs.
Akira ransomware targets Cisco VPNs to breach organizations.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-06 | CVE-2023-20269 | Incorrect Authorization vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. | 9.1 |