Security News

Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that could be potentially exploited to cause a denial-of-service (DoS)...

Security researchers have found over 178,000 SonicWall next-generation firewalls with the management interface exposed online are vulnerable to denial-of-service and potential remote code execution attacks."Using BinaryEdge source data, we scanned SonicWall firewalls with management interfaces exposed to the internet and found that 76% are vulnerable to one or both issues," said Jon Williams, a Senior Security Engineer at Bishop Fox.

CEO Bob VanKirk makes near-20-year partnership official, teases big things coming to EMEA Channel-focused cybersecurity company SonicWall is buying Virginia-based MSSP Solutions Granted – its...

SonicWall on Wednesday urged customers of Global Management System firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. "The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve," SonicWall said.

SonicWall warned customers today to urgently patch multiple critical vulnerabilities impacting the company's Global Management System firewall management and Analytics network reporting engine software suites."This suite of vulnerabililtes, which was responsibility disclosed, includes four vulnerabilities with a CVSSv3 rating of CRITICAL, that allows an attacker to bypass authentication and could potentially result in exposure of sensitive information to an unauthorized actor," SonicWall said.

A suspecting China-linked hacking campaign has been observed targeting unpatched SonicWall Secure Mobile Access 100 appliances to drop malware and establish long-term persistence. "The malware has functionality to steal user credentials, provide shell access, and persist through firmware upgrades," cybersecurity company Mandiant said in a technical report published this week.

A suspected Chinese hacking campaign has been targeting unpatched SonicWall Secure Mobile Access appliances to install custom malware that establishes long-term persistence for cyber espionage campaigns.The deployed malware is customized for SonicWall devices and is used to steal user credentials, provide shell access to the attackers, and even persist through firmware upgrades.

Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant. The spyware targets the SonicWall Secure Mobile Access 100 Series - a gateway device that provides VPN access to remote users.

Security hardware manufacturer SonicWall warned customers today of what it describes as a "Limitation" of the web content filtering feature on Windows 11, version 22H2 systems. "We have identified an inconsistency in Capture Client Windows 3.7.6 and older clients on endpoints running Windows 11 version 22H2," the company said in an advisory published on Wednesday.

SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022. In an interview with The Register, SonicWall CEO Bill Conner noted that factors including the Russia and Ukraine conflict as well as the activities of law enforcement agencies had at least partially caused the drop but warned: "I think in the next six to 12 months you're going to see ransomware come back strong as the state of affairs settle into whatever this new norm is."