See every side of every news story
Published loading...Updated

SonicWall Finds No SSLVPN Zero-Day, Links Ransomware Attacks to 2024 Flaw

GLOBAL, AUG 7 – Akira ransomware exploits a known SonicWall SSL VPN flaw patched in August 2024, targeting organizations that reused credentials during firewall migration, with fewer than 40 cases confirmed.

Summary by BleepingComputer
SonicWall says that recent Akira ransomware attacks exploiting Gen 7 firewalls with SSLVPN enabled are exploiting an older vulnerability rather than a zero-day flaw.

8 Articles

There's new insights into attacks on Sonicwall firewalls. Apparently, attackers don't exploit zero-day security.

·Germany
Read Full Article

SonicWall has discovered that the recent Akira ransomware attack targeting its Gen 7 firewalls did not exploit a zero-day vulnerability, but instead used the known vulnerability CVE-2024-40766 to steal device credentials. Users are advised to update firmware, reset passwords, and disable SSL VPN for improved security.

Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center

Factuality 

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

The Hacker News broke the news in on Thursday, August 7, 2025.
Sources are mostly out of (0)

Similar News Topics