"Akira Ransomware Targets Cisco VPNs to Breach Organizations"
A growing body of evidence suggests that the Akira ransomware uses Cisco Virtual Private Network (VPN) products as an attack vector to infiltrate corporate networks, steal data, and encrypt it. Akira ransomware is a relatively new ransomware operation that was launched in March 2023, with a Linux encryptor later being added to target VMware ESXi virtual machines. Cisco VPN solutions are widely used in various industries to provide secure, encrypted data transmission between users and corporate networks, typically for remote workers. According to researchers, Akira has been using compromised Cisco VPN accounts to infiltrate corporate networks without installing additional backdoors or persistence mechanisms that could lead to their identification. This article continues to discuss the Akira ransomware targeting Cisco VPN products.
Bleeping Computer reports "Akira Ransomware Targets Cisco VPNs to Breach Organizations"