SonicWall Finds No SSLVPN Zero-Day, Links Ransomware Attacks to 2024 Flaw
GLOBAL, AUG 7 – Akira ransomware exploits a known SonicWall SSL VPN flaw patched in August 2024, targeting organizations that reused credentials during firewall migration, with fewer than 40 cases confirmed.
8 Articles
8 Articles
There's new insights into attacks on Sonicwall firewalls. Apparently, attackers don't exploit zero-day security.
SonicWall Dismisses Zero-day Fears After Ransomware Probe - Cybernoz - Cybersecurity News
SonicWall dismisses zero-day fears after Ransomware probe Pierluigi Paganini August 08, 2025 SonicWall found no evidence of a new vulnerability after probing reports of a zero-day used in ransomware attacks. SonicWall investigated claims of a zero-day being used in ransomware attacks but found no evidence of any new vulnerability in its products. SonicWall launched the investigation after a surge in Akira ransomware attacks targe…
SonicWall has discovered that the recent Akira ransomware attack targeting its Gen 7 firewalls did not exploit a zero-day vulnerability, but instead used the known vulnerability CVE-2024-40766 to steal device credentials. Users are advised to update firmware, reset passwords, and disable SSL VPN for improved security.
SonicWall finds no SSLVPN zero-day, links ransomware attacks to 2024 flaw | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware - National Cyber Security Consulting
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw. The company says that the attackers are targeting CVE-2024-40766, an unauthorized access flaw fixed in August 2024. "We now have high confidence that the recent SSLVPN activity is not connected to […] Thank you for subscribing to our RSS feed! The post SonicWall finds no SSLVPN zero…
Coverage Details
Bias Distribution
- 100% of the sources are Center
Factuality
To view factuality data please Upgrade to Premium