Has anyone been updated or made aware of the Akira ransomware that is found to target VPN clients, and more specifically, Cisco VPN? Supposedly Akira was first noticed abusing VPN clients back in May, but was wondering if this is related to this advisory (https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-ac-csc-privesc-wx4U4Kw.html)
If anyone has any information so we can share with the community or at least spread the information, please share:
- what software and versions are affected?
- is this just for VPN clients for end users?
- Is it for all VPN clients (not just Cisco)?
Supposedly it is taking advantage of VPN clients without a MFA solution in place, which stresses the importance of MFA.
Thanks in advance.
