Svoboda Cybersecurity Brief September 29, 2025

Akira Ransomware Bypasses MFA on SonicWall VPNs

Akira ransomware operators are successfully bypassing MFA on SonicWall SSL VPNs, likely using stolen OTP seeds or exploiting CVE-2024-40766 (improper access control). Attacks involve rapid lateral movement, Bring Your Own Vulnerable Driver (BYOVD) attacks to disable EDR, and credential theft from Veeam servers.
Impact: Compromised MFA-protected VPN accounts enable network breaches even after patching.
Mitigation: Reset all VPN credentials, upgrade to SonicOS 7.3.0+, and monitor for suspicious activity.
Source: BleepingComputer

Harrods Discloses Data Breach via Third-Party Compromise

Harrods notified customers of a breach involving names and contact details stolen from a third-party system. The incident is unrelated to a May 2024 cyberattack attempt. No passwords or payment data were exposed.
Source: SecurityWeek
