"Akira, LockBit Actively Searching for Vulnerable Cisco ASA Devices"

Security researcher Kevin Beaumont warns that the Akira and LockBit ransomware groups are attempting to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities. They are focusing on vulnerabilities for which patches have been released in 2020 and 2023. Cisco ASA devices are widely used in organizations of all sizes, and they are often targeted by attackers who exploit unpatched vulnerabilities, conduct credential-stuffing attacks, and perform targeted brute-force attacks. Proof-of-Concept (POC) exploits for patched vulnerabilities make it easy for attackers, but they also create their own exploits or buy them. This article continues to discuss the targeting of Cisco ASA SSL VPN devices by Akira and LockBit ransomware groups through old vulnerabilities.

Help Net Security reports "Akira, LockBit Actively Searching for Vulnerable Cisco ASA Devices"

Submitted by grigby1

Submitted by Gregory Rigby on