#FogRansomware

Fog ransomware targets SonicWall VPNs to breach corporate networks

by

October 27, 2024 at 05:47PM Fog and Akira ransomware operators are exploiting a critical vulnerability in SonicWall VPN accounts, leading to at least 30 network intrusions. Most cases involve Akira, with shared infrastructure indicating collaboration. Organizations lacked multi-factor authentication and used unpatched versions of SonicOS, resulting in rapid data encryption and theft following initial access. … Read more

New Fog ransomware targets US education sector via breached VPNs

by

June 6, 2024 at 02:34PM In May 2024, the ransomware ‘Fog’ targeted U.S. educational organizations using compromised VPN credentials. Notably, it employs double-extortion tactics by stealing data. With access to internal networks, attackers conduct various malicious activities and deploy the ransomware, appending encrypted files with specific extensions. Victims are directed to a Tor dark website … Read more