Saturday, October 16, 2021

Firewall maker SonicWall hacked via zero-day flaw in its products

SonicWall, a maker of communications equipment, said on Friday night that it was investigating a security breach of its internal network after discovering what it described as a “sophisticated attack.”

SonicWall has issued an emergency security alert about threat actors exploiting a zero-day vulnerability in its VPN products to attack its internal systems.

SonicWall is a well-known manufacturer of hardware firewall devices, VPN gateways, and network security solutions. Its products are widely used in SMBs/SMEs and large business organizations.

In a brief statement posted on its website, the company said “the most high-risk actors” have targeted its internal systems “by using zero-day risks on certain SonicWall secure access products.”

The company has listed the NetExtender VPN client and Secure Mobile Access (SMA) gateways as affected:

  • The NetExtender VPN client version 10.x (released in 2020), used to connect to SMA 100 series devices and SonicWall firewalls.
  • Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 appliances, and SMA 500v.
  • SonicWall said the new SMA 1000 series is unaffected as this particular product series uses a different VPN client than NetExtender.

Patches for the zero-day vulnerabilities are not available at the time of writing.

To help keep its customers’ networks secure, the vendor has included a series of mitigations in its knowledge base, such as deploying a firewall to limit who can interact with SMA devices or disabling access from the NetExtender VPN client to its firewalls.

SonicWall also urged companies to enable two-factor authentication on admin accounts for its products.

The communications device manufacturer, whose products are often used to protect corporate networks, is now the fourth security vendor to disclose a security breach over the past two months, following FireEye, Microsoft, and Malwarebytes.

All three previous companies were breached during the SolarWinds supply-chain attack. CrowdStrike said it was targeted in the SolarWinds hack as well, but the attack was unsuccessful.

Cisco, another major vendor of communications and security devices, was also targeted by the SolarWinds hackers. Last month, the company was investigating whether the attackers had escalated their initial access from SolarWinds products to other parts of its network.

Several sources have also suggested that SonicWall may have been the victim of a ransomware attack.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.
