Tag

#akira

3 posts tagged #akira.

Analysis · May 20, 2026 · Colten Anderson

Akira's favorite front door is a SonicWall SSL-VPN, and it's fast

Three SonicWall bugs, CVE-2024-40766, CVE-2024-53704, and CVE-2025-23006, feed the same outcome: Akira ransomware through the SSL-VPN. In one campaign, the time from SonicWall access to encrypted files was 55 minutes. Several of these bugs walk past MFA.
Analysis · May 20, 2026 · Colten Anderson

Ransomware crews keep hitting Veeam for the same two reasons

Four Veeam Backup & Replication CVEs feed the same playbook. Attackers target the backup server because it can destroy your recovery option and because it holds the credentials to everything it backs up. CVE-2024-40711 took Akira and Fog from access to ransomware fast.
Analysis · May 6, 2026 · Colten Anderson

Fortinet encrypted your config backups with 'Mary had a littl' for six years

Every FortiGate encrypted config backups with the same AES key for years. Akira ransomware automated the decryption. Fortinet keeps shipping this class of bug.