Security News > 2024 > October > Fog ransomware targets SonicWall VPNs to breach corporate networks
2024-10-27 14:17
Fog and Akira ransomware operators have increased their exploitation efforts of CVE-2024-40766, a critical access control flaw that allows unauthorized access to resources on the SSL VPN feature of SonicWall SonicOS firewalls. [...]
News URL
Related news
- Helldown ransomware exploits Zyxel VPN flaw to breach networks (source)
- LA housing authority confirms breach claimed by Cactus ransomware (source)
- VPN vulnerabilities, weak credentials fuel ransomware attacks (source)
- Bologna FC confirms data breach after RansomHub ransomware attack (source)
- BT unit took servers offline after Black Basta ransomware breach (source)
- Anna Jaques Hospital ransomware breach exposed data of 300K patients (source)
- Rhode Island confirms data breach after Brain Cipher ransomware attack (source)
- Over 25,000 SonicWall VPN Firewalls exposed to critical flaws (source)
- Krispy Kreme breach, data theft claimed by Play ransomware gang (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-23 | CVE-2024-40766 | Unspecified vulnerability in Sonicwall Sonicos An improper access control vulnerability has been identified in the SonicWall SonicOS management access, potentially leading to unauthorized resource access and in specific conditions, causing the firewall to crash. | 9.8 |