Immediate patching of Cisco ASA/FTD bug urged amid Akira ransomware attacks

Organizations have been urged by the Cybersecurity and Infrastructure Security Agency to immediately remediate a high-severity flaw in Cisco Adaptive Security Appliance and Firepower Threat Defense, tracked as CVE-2020-3259, with federal agencies ordered to apply patches by March 7, according to The Hacker News. The flaw's inclusion in CISA's Known Exploited Vulnerabilities catalog comes weeks after Truesec reported that it had been leveraged by the Akira ransomware operation to target vulnerable Cisco Anyconnect SSL VPN instances. Akira may have also purchased or developed its exploit code for the bug, which does not have any publicly available code, said Truesec researcher Haresh Zaremand. Akira has been noted by Palo Alto Networks Unit 42 to be among the most prolific ransomware groups last year after targeting nearly 200 organizations last year. Forty-nine entities have been compromised by the group during the last quarter of 2023 alone, which was behind only LockBit, Play, ALPHV/BlackCat, NoEscape, 8Base, and Black Basta, the report revealed.