September 26, 2023

SonicWall Internal Systems Hacked.
The company has acknowledged that hackers exploited zero-day vulnerabilities in its secure remote access products to compromise the systems. Company has briefed it a coordinated attack

NetExtender VPN client version 10.x utilized to connect to SMA 100 series appliances and SonicWall firewalls,” and “Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances and the SMA 500v virtual appliance.”

SonicWall was hit by ransomware, and hackers managed to steal customer data and forced all the company’s internal systems to shut down on Tuesday. The hackers notified the networking device maker that they stole its source code from its GitLab repository after the breach. But it’s not disclosed like a Ransomware attack

SonicWall recommends that organizations SMA 100 Series appliances or NetExtender 10.x must use a firewall only to let SSL-VON connections to the SMA appliances from authentic and whitelisted IPs, or else they should directly configure whitelist access on the SMA.

Firewalls accessing NetExtender VPN client with SSL-VPN should disable access to the firewall or restrict access to allow admins and users through a verified whitelist for public IPs.

Also urged that users must enable multi-factor authentication (MFA) on all SonicWall products and accounts.

Tags:

1 thought on “Sonic wall Zero Day

  1. Pingback: Sonic Wall NSM Critical bug – TheCyberThrone

Leave a Reply

You may have missed

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023

MGM Resorts and Ceasars Attacks – Lesson Learnt

September 23, 2023

CISA KEV Update September 2023 – Part II

September 23, 2023
%d bloggers like this: