November 18, 2024 at 03:04PM Akira ransomware group has listed over 30 victims on its data-leak site, marking a record high. Predominantly targeting the U.S., the group focuses on various sectors, particularly business services. The uptick in activity suggests an escalation trend among ransomware groups. Akira’s operations are expected to grow further in 2023. ### … Read more
October 27, 2024 at 05:47PM Fog and Akira ransomware operators are exploiting a critical vulnerability in SonicWall VPN accounts, leading to at least 30 network intrusions. Most cases involve Akira, with shared infrastructure indicating collaboration. Organizations lacked multi-factor authentication and used unpatched versions of SonicOS, resulting in rapid data encryption and theft following initial access. … Read more
October 22, 2024 at 11:36AM Akira ransomware is returning to traditional encryption tactics after a hiatus from double extortion. Researchers note a shift towards operational efficiency and tactical adaptability, suspecting the development of a new encryptor. Akira targets vulnerabilities, particularly on ESXi and Linux systems, leveraging compromised credentials and phishing techniques to exploit networks. ### … Read more
April 19, 2024 at 08:04AM Akira ransomware has victimized over 250 organizations globally, collecting $42 million in ransom payments. Initially targeting Windows systems, it has expanded to infect VMware ESXi virtual machines. Through various tactics like targeting VPN services and known vulnerabilities in Cisco products, the operators gain access to victims’ environments. They then deploy … Read more
April 19, 2024 at 07:48AM The Akira ransomware group has extorted $42 million from over 250 victims by targeting businesses and critical infrastructure worldwide. They initially focused on Windows systems before deploying a Linux variant. The group exploits known vulnerabilities in Cisco appliances and uses various methods to establish persistence and evade detection. Akira is … Read more
April 18, 2024 at 02:18PM The Akira ransomware has targeted 250+ organizations and amassed $42 million in ransom payments. It gained notoriety in March 2023, deploying a Linux encryptor for VMware ESXi virtual machines. Ransoms ranged from $200,000 to millions. The FBI, CISA, Europol, and NCSC-NL issued guidance to mitigate the attacks’ impact and risk. … Read more
March 14, 2024 at 09:08AM Nissan Oceania has disclosed a cyberattack in December 2023, attributed to the Akira ransomware operation, affecting 100,000 people. Stolen data includes personal employee information, government IDs, and other personal details. Nissan plans to notify impacted individuals, offering support services and urging vigilance against potential fraudulent activities. From the meeting notes, … Read more
March 12, 2024 at 03:52PM Stanford University reported a ransomware attack on its Department of Public Safety (SUDPS) network, compromising personal information of 27,000 individuals. The breach occurred between May 12 and September 27, 2023. Stolen data included sensitive details like Social Security numbers and health/medical information. The Akira ransomware gang claimed responsibility and leaked … Read more
February 16, 2024 at 11:39AM The U.S. CISA added a now-patched security flaw in Cisco software to its Known Exploited Vulnerabilities catalog due to likely exploitation in Akira ransomware attacks. The flaw, CVE-2020-3259, allows attackers to retrieve device memory contents. Federal agencies must fix vulnerabilities by March 7, 2024. Ransomware is a growing problem, attracting … Read more
February 6, 2024 at 05:22AM In 2023, over 25 new ransomware gangs emerged, with Akira and 8Base emerging as the most successful. Despite increased law enforcement attention and high competition, these gangs thrived, while many others failed to survive. The full list of new gangs in 2023 and their status was provided. Akira and 8Base … Read more