Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts | Arctic Wolf
Tags
| attack-pattern: | Firmware - T1592.003 |
Common Information
| Type | Value |
|---|---|
| UUID | 27775a87-91e9-40eb-831a-7469a987dcf2 |
| Fingerprint | af0448d051e17367 |
| Analysis status | DONE |
| Considered CTI value | 1 |
| Text language | |
| Published | Sept. 6, 2024, 8:38 p.m. |
| Added to db | Sept. 7, 2024, 12:23 a.m. |
| Last updated | Nov. 12, 2024, 8:57 a.m. |
| Headline | Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts |
| Title | Arctic Wolf Observes Akira Ransomware Campaign Targeting SonicWall SSLVPN Accounts | Arctic Wolf |
| Detected Hints/Tags/Attributes | 23/1/10 |
Source URLs
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 16 | ✔ | Arctic Wolf | https://arcticwolf.com/feed/ | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 84 | cve-2024-40766 |
|
| Details | Domain | 13 | mysonicwall.com |
|
| Details | Domain | 16 | www.sonicwall.com |
|
| Details | IPv4 | 30 | 5.9.2.14 |
|
| Details | IPv4 | 21 | 6.5.4.14 |
|
| Details | IPv4 | 19 | 6.5.2.8 |
|
| Details | IPv4 | 20 | 6.5.4.15 |
|
| Details | Url | 3 | https://www.sonicwall.com/support/knowledge-base/how-do-i-configure-2fa-for-ssl-vpn-with-totp/190829123329169 |
|
| Details | Url | 1 | https://www.sonicwall.com/support/knowledge-base/how-can-i-restrict-admin-access-to-the-device/170503259079248. |
|
| Details | Url | 1 | https://www.sonicwall.com/support/knowledge-base/how-can-i-setup-ssl-vpn/170505609285133 |