SonicWall防火牆重大漏洞危機升溫,傳出已被用於散布勒索軟體
支付動態 · 2024-09-10
資安業者SonicWall透露防火牆作業系統SonicOS重大漏洞CVE-2024-40766疑似出現攻擊行動,隨後有2家資安業者公布相關調查結果,指出有勒索軟體駭客開始用於實際行動
本月6日SonicWall針對防火牆作業系統SonicOS重大層級漏洞CVE-2024-40766提出警告,昨天我們報導他們表示已得知這項漏洞疑似被用於攻擊行動,然而,9月6日當天其實又有資安業者透露相關消息。
資安業者Arctic Wolf指出,他們看到使用勒索軟體Akira的駭客已開始利用這項漏洞取得初始入侵的管道,駭客竊取SonicWall防火牆存放的SSL VPN帳號資料,這些帳號都是本機帳號,而非AD帳號,而且,所有帳號的多因素驗證(MFA)機制皆被停用。
到了9月9日,另一家資安業者Rapid7也察覺相關攻擊行動,他們表示已掌握數起SonicWall防火牆的SSL VPN帳號遭到攻擊或是被破壞的事故,並指出攻擊者的身分涵蓋勒索軟體駭客組織。研究人員指出,儘管他們掌握的是間接證據,但顯然駭客已盯上該漏洞,呼籲IT人員要儘速採取行動。
Popular articles
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Indiana online casino bill stalls in House committee
Regulation
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
British gambling levy rates confirmed for each vertical
Regulation
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
