Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Qilin, Akira and Dragonforce were responsible for 40% of 672 ransomware incidents reported in March, says Check Point
A new report from Halcyon finds that the group also puts more effort than usual into developing working decryptors, likely to incentivize businesses to pay up. The post Akira ransomware group can achieve initial access to data encryption in less than an hour appeared first on CyberScoop.
Halcyon says Akira is now capable of carrying out an entire ransomware attack in less than an hour
Businesses That Inherit SSL VPNs Through M&A Activity Falling Victim, Warn ExpertsMultiple large enterprises that inherited SonicWall SSL VPN devices when they acquired a smaller entity have fallen victim to the Akira ransomware group, security researchers warn. Investigations of multiple intrusions found they began when attackers used "unmonitored and unrotated" credentials.
Also: Akira Ransomware Targets Healthcare, AI's Sycophancy Becomes a Security RiskIn this week's ISMG Editors' Panel, four editors discussed the staffing crisis confronting America's cyber defense agency, the escalating Akira ransomware threat putting more pressure on healthcare, and growing concerns over whether AI models used in security can actually be trusted.
The Akira ransomware group has been experimenting with new tools, bugs, and attack surfaces, with demonstrated success in significant sectors.
Advisory updated as leading cybercrime crew opens up its target pool The US Cybersecurity and Infrastructure Security Agency (CISA) has issued new guidance to organizations on the Akira ransomware operation, which poses an imminent threat to critical sectors.…
Akira ransomware has extorted $244M since September 2025, with some attacks exfiltrating data in just two hours, a joint cybersecurity advisory warns
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. [...]
The network security vendor said the MySonicWall breach was unrelated to the recent wave of Akira ransomware attacks targeting the company's devices.
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. [...]
Akira Ransomware Hackers Targeting SonicWall DevicesFirewall maker SonicWall said Friday all customers who used its cloud backup services are at increased "risk of targeted attacks" following a recent cyberattack. The California firm in September disclosed that unidentified hackers launched brute-force attacks against servers storing backup files.
Akira Ransomware Hackers Targeting SonicWall DevicesFirewall maker SonicWall said Friday all customers who used its cloud backup services are at increased "risk of targeted attacks" following a recent cyberattack. The California firm in September disclosed that unidentified hackers launched brute-force attacks against servers storing backup files.
Akira ransomware actors are currently targeting SonicWall firewall customers vulnerable to a bug discovered last year.
'Opportunistic, Mass Exploitation' Campaign Surging, Say Cybersecurity ResearchersAttackers wielding Akira ransomware appear to be engaged in an "opportunistic, mass exploitation" of SonicWall SSL VPN servers, even when they're using the latest firmware and configured to require multifactor authentication one-time passwords, warn cybersecurity researchers.
Akira ransomware attacks on SonicWall SSL VPN appliances are bypassing its MFA for rapid deployment
Ongoing Akira ransomware attacks targeting SonicWall SSL VPN devices continue to evolve, with the threat actors found to be successfully authenticating despite OTP MFA being enabled on accounts. [...]
Also, Akira Ransomware Resumes Attacks Via SonicWall FlawsThis week, the Vidar infostealer, BlackDB admin, Akira ransomware hackers and Patch Tuesday. A warning for British bankers, a Cursor flaw, a Brazilian dating app shut down. KazMunayGas said it wasn't hacked. Wealthsimple and Hello Gym data breaches. A macOS backdoor hid in plain sight for years.
The Akira ransomware gang is actively exploiting CVE-2024-40766, a year-old critical-severity access control vulnerability, to gain unauthorized access to SonicWall devices. [...]
Threat actors affiliated with the Akira ransomware group have continued to target SonicWall devices for initial access