CISA Warning Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability
16-Feb-24
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about the Akira ransomware exploiting a now-patched vulnerability (CVE-2020-3259) in Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, with evidence suggesting it has been used to compromise Cisco Anyconnect SSL VPN appliances. Federal agencies are urged to remediate the vulnerability by March 7, 2024. Akira, a ransomware group linked to Conti, publicly claims nearly 200 victims, with the ransomware landscape becoming a lucrative market for cybercriminals. The U.S. State Department is offering rewards for information on the BlackCat ransomware gang.
