Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Arctic Wolf has been tracking multiple intrusions where Cisco VPN account credentials were harnessed by Akira ransomware for initial access. In a recent Cisco PSIRT advisory, Cisco stated they were aware of reports that Akira ransomware threat actors have been targeting Cisco VPNs that are not configured for multi-factor authentication to infiltrate organisations. Our case … Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances

Article Link: Ongoing Ransomware Campaign Against Cisco ASA VPN Appliances - Arctic Wolf