News

Latest news on the subject of B2B cyber security >>> PR agencies: Add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: Akira

Akira Ransomware still active
27 January 2025
| No comments
| Stories
Akira Ransomware still active

Akira was rather quiet in the first half of 2024. But the criminals were not idle last year. Towards the end of the year, they were making more noise again. They exploited zero-day vulnerabilities and were probably connected to Chinese Advanced Persistent Threat (APT) groups. Since the ransomware incident at a German IT service provider with effects on over 70 municipalities in 2023, things have been quiet around the malware. Only at the beginning of the year did the Berlin University of Technology (BHT) make its ransomware incident public. Here, too, it was Akira who, in the course of compromising a…

Read more

Increase in Fog and Akira ransomware
23 November 2024
| No comments
| PR News
Increase in Fog and Akira ransomware

In September, SonicWall announced that CVE-2024-40766 was being actively exploited. While Arctic Wolf has no clear evidence that this vulnerability was exploited in the cases Arctic Wolf investigated, all SonicWall devices involved in these cases had firmware versions affected by this vulnerability. While credential abuse cannot be ruled out in some attack cases, the trend of increasing threat activity on SonicWall devices underscores the need to perform firmware updates and implement external log monitoring. Key findings: Arctic Wolf has seen an increase in…

Read more

Akira: Group exploits vulnerability in firewall
31 October 2024
| No comments
| PR News
Akira: Group exploits vulnerability in firewall

Cybercriminals have been exploiting vulnerabilities in widely used firewalls more frequently this year. Now, Akira members have been observed actively exploiting a SonicWall vulnerability, a leading security operations provider reports. Malicious actors appear to have compromised local SSLVPN accounts on SonicWall firewalls affected by the vulnerability. Researchers also note that the compromised devices did not have multi-factor authentication (MFA) enabled. Combined with security vulnerabilities earlier this year, this is another sign that attackers are looking for ways to gain access to widely used software…

Read more

Ransomware group Akira: 11 months – 171 victims  
4. February 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The APT group with the Akira ransomware remains extremely active. After the first occurrence in March 2023, there are now officially 171 victims - according to the company Logpoint. In addition to South Westphalia IT (SIT), even zoos are among the victims. The Akira ransomware has been actively attacking companies worldwide and has made headlines in 2023 by causing extensive damage and attracting the attention of cybersecurity authorities. In December, the Finnish National Center for Cybersecurity (NCSC-FI) reported that the Akira ransomware was carrying out increasing attacks in Finland and...

Read more

Akira responsible for attack on South Westphalia IT and municipalities
30 January 2024
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Now it is definitely clear: The Akira group and its ransomware attacked South Westphalia IT in October, paralyzing 70 to 100 municipalities. The service provider is now working through the attack and reveals that it all started with a VPN attack. The attack on Südwestfalen IT – SIT started on October 30, 2023 and has kept those responsible on their toes to date. According to SIT, they are still working through the action plan and want to be back to normal operations by the end of Q1 2024. Some municipalities are already reporting that they are working almost back to normal...

Read more

With AI-based NDR against ransomware
16 January 2024
| No comments
| PR News
With AI-based NDR against ransomware

Ransomware threats are constantly increasing and evolving. AI-supported NDR (Network Detection and Response) systems can keep up better and therefore offer more protection. According to the Swiss security company Exeon Analytics, with the emergence of the Akira ransomware, large companies in particular and those tied to Kritis or NIS 2 are facing a new danger, as there is currently no decryptor for the current versions of the malware and the new group is mainly focuses on victims from whom it can extort large ransoms. According to Erismann, many SIEM systems (Security Information and Event Management) offer...

Read more

Analysis: This is how an attack by the Akira ransomware group works
17 November 2023
| No comments
| Stories, TrendMicro

South Westphalia's IT was attacked by the hacker group "Akira", which has meant that numerous local governments have only been able to work to a limited extent for weeks. The ransomware group encrypted server data and is now demanding a significant ransom, which is not paid. Akira, a new type of ransomware, only appeared in the spring. But who is actually behind the group? Trend Micro analyzes the background, techniques and tactics of this highly targeted successful group. “Our analysis shows that the ransomware uses similar routines to Conti, such as obfuscating strings and encrypting files. It also avoids the same file extensions as...

Read more

APT Akira: Extremely active ransomware demands a large ransom 
2 October 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

The Akira ransomware group quickly gained notoriety. The group emerged in March 2023 and was already the fourth most active group in August, demanding millions of dollars in ransom from its victims. Logpoint analyzed the tactics, techniques and processes. Akira primarily focuses on companies across a range of industries in the UK and US, including education, finance, real estate, manufacturing and consulting. “Akira has proven to be extremely active and has amassed an extensive list of victims in a short period of time. With each attack, the group evolves with additional capabilities,” says Swachchhanda Shrawan Poudel, Logpoint Security…

Read more

Cyber ​​danger Akira ransomware
July 30, 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Ransomware is one of the biggest threats facing businesses. This was also confirmed by the BSI in its report on the situation of IT security in Germany in 2022. One of the best known and most notorious ransomware groups was Conti. This criminal organization formed the basis for other threat actors that split off from the ransomware group. One of these groups is Akira ransomware. What is Akira? Akira is a relatively new, fast-growing ransomware group, first observed in March 2023, that uses the ransomware-as-a-service (RaaS) model. RaaS are service and tool offerings related to ransomware, with which even relatively inexperienced…

Read more

© 2024 MedPressIT Selinger
Cookie Settings