CISA, FBI, Europol’s EC3, and NCSC-NL released a joint Cybersecurity Advisory called #StopRansomware: Akira Ransomware. It shares known tactics, techniques, and procedures of Akira ransomware, as well as indicators of compromise from FBI investigations up until February 2024.
Akira threat actors started with Windows systems but shifted to Linux for VMware ESXi virtual machines. They began using Megazord and Akira (written in C++) in August 2023. Akira_v2, which is also Rust-based, was introduced as well. This ransomware has affected many businesses and infrastructure entities in North America, Europe, and Australia, resulting in around $42 million (USD) in ransom payments.
By infosecbulletin
/ Monday , April 28 2025
Shadow servers found 454 vulnerable SAP NetWeaver systems at risk from a critical zero-day exploit currently being used in attacks....
Read More
By infosecbulletin
/ Monday , April 28 2025
Blind_Virus, DU_Featherless_Bipeds and Hidden investigations team secure the 1st , 2nd and 3rd positions accordingly for online preliminary round at...
Read More
By infosecbulletin
/ Sunday , April 27 2025
A critical vulnerability tracked as CVE-2025-43859 has been disclosed in h11, a minimalist, I/O-agnostic HTTP/1.1 protocol library written in Python....
Read More
By infosecbulletin
/ Saturday , April 26 2025
NVIDIA has released a software security update for its GPU Display Driver to fix multiple vulnerabilities affecting both the driver...
Read More
By infosecbulletin
/ Saturday , April 26 2025
The SessionShark phishing kit bypasses Office 365 MFA by stealing session tokens. Experts warn about real-time attacks using fake login...
Read More
By infosecbulletin
/ Friday , April 25 2025
In Q1 2025, VulnCheck identified evidence of 159 CVEs publicly disclosed for the first time as exploited in the wild....
Read More
By infosecbulletin
/ Friday , April 25 2025
The NVIDIA NeMo Framework has three vulnerabilities that could enable attackers to execute remote code, risking AI system compromise and...
Read More
By infosecbulletin
/ Thursday , April 24 2025
Cisco issued a security advisory about a remote code execution (RCE) vulnerability (CVE-2025-32433) affecting multiple products in its portfolio due...
Read More
By infosecbulletin
/ Thursday , April 24 2025
SonicWall has revealed a vulnerability in its SonicOS SSLVPN Virtual Office interface that could let remote attackers crash firewall appliances....
Read More
By infosecbulletin
/ Thursday , April 24 2025
GitLab has announced a security advisory urging users to upgrade their self-managed installations right away. Versions 17.11.1, 17.10.5, and 17.9.7...
Read More
CISA and its partners urge critical infrastructure organizations to check and apply the solutions in the joint CSA. This will help decrease the chances and effects of Akira and other ransomware attacks. To learn more, visit CISA’s #StopRansomware webpage and the updated #StopRansomware Guide.