Search Results: SSLVPN

SonicWall's investigation reveals recent Akira ransomware attacks exploit an older SSLVPN vulnerability (CVE-2024-40766) rather than a new zero-day. The breach vector stems from customers failing to reset local passwords during Gen 6 to Gen 7 firewall migrations. Despite the vendor's assurances, administrators report contradictory evidence, fueling industry skepticism.

SonicWall has issued an emergency advisory urging organizations to disable SSLVPN services on Gen 7 firewalls amid suspected zero-day exploitation by ransomware gangs. Multiple cybersecurity firms have observed attackers bypassing MFA and compromising networks within hours, prompting urgent mitigations while investigations continue.