Solved: ASA patch for the Akira ransomware attack?

Chess Norris · ‎01-26-2024

Hello,

There has been quite a lot of attacks related to the Akira Ransomware, where the attackers are using a vulnerability in Cisco RA VPN. https://www.truesec.com/hub/blog/a-victim-of-akira-ransomware

I can see that Cisco have patched the CVE-2023-20269 vulnerability in FTD version 7.0.6.1-3 and 7.2.5.1 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC

But there is no mention about an ASA patch. Does anyone know if it's been released or if we need to apply the workarounds instead?

Thanks

/Chess

Rob Ingram · ‎01-26-2024

@Chess Norris run the software checker on that link, ensure you put your ASA version in and it will tell you which version it was fixed in (if affected).

View solution in original post

Rob Ingram · ‎01-26-2024

@Chess Norris run the software checker on that link, ensure you put your ASA version in and it will tell you which version it was fixed in (if affected).

Chess Norris · ‎01-26-2024

Thanks Rob, I did run the software checker, but it came up empty. Anyway, good to know that there is a patch for this.

Thanks

/Chess

ASA patch for the Akira ransomware attack?

Ransomhub Ransomware help need

Cisco VPN ransomware Akira

Hardening ASA 5555X RAVPN against Brute-Force attacks

Cybersecurity Threats Exposed: Real-World Attacks and Cisco Defenses

Akira Muranaka様、ありがとうございます。