Security News > 2024 > October > Fog ransomware targets SonicWall VPNs to breach corporate networks
2024-10-27 14:17
Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]
News URL
Related news
- Ransomware gang leaks data stolen in Rhode Island's RIBridges Breach (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- Sarcoma ransomware claims breach at giant PCB maker Unimicron (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |