Security News

Suspected Chinese cyber criminals have zeroed in on unpatched SonicWall gateways and are infecting the devices with credential-stealing malware that persists through firmware upgrades, according to Mandiant. The spyware targets the SonicWall Secure Mobile Access 100 Series - a gateway device that provides VPN access to remote users.

Security hardware manufacturer SonicWall warned customers today of what it describes as a "Limitation" of the web content filtering feature on Windows 11, version 22H2 systems. "We have identified an inconsistency in Capture Client Windows 3.7.6 and older clients on endpoints running Windows 11 version 22H2," the company said in an advisory published on Wednesday.

SonicWall has published its latest threat report, showing a drop in ransomware but an increase in malware attacks in the first half of 2022. In an interview with The Register, SonicWall CEO Bill Conner noted that factors including the Russia and Ukraine conflict as well as the activities of law enforcement agencies had at least partially caused the drop but warned: "I think in the next six to 12 months you're going to see ransomware come back strong as the state of affairs settle into whatever this new norm is."

Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection vulnerability affecting its Analytics On-Prem and Global Management System products. The vulnerability, tracked as CVE-2022-22280, is rated 9.4 for severity on the CVSS scoring system and stems from what the company describes is an "Improper neutralization of special elements" used in an SQL command that could lead to an unauthenticated SQL injection.

SonicWall has published a security advisory today to warn of a critical SQL injection flaw impacting the GMS and Analytics On-Prem products.The flaw, tracked as CVE-2022-22280, allows SQL injection due to improper neutralization of special elements used in an SQL Command.

SonicWall has published an advisory warning of a trio of security flaws in its Secure Mobile Access 1000 appliances, including a high-severity authentication bypass vulnerability. The weaknesses in question impact SMA 6200, 6210, 7200, 7210, 8000v running firmware versions 12.4.0 and 12.4.1.

SonicWall "Strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.SonicWall SMA 1000 SSLVPN solutions are used by enterprises to simplify end-to-end secure remote access to corporate resources across on-prem, cloud, and hybrid data center environments.

SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service condition. Tracked as CVE-2022-22274, the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that could be triggered by sending a specially crafted HTTP request, leading to remote code execution or DoS. The flaw impacts 31 different SonicWall Firewall devices running versions 7.0.1-5050 and earlier, 7.0.1-R579 and earlier, and 6.5.4.4-44v-21-1452 and earlier.

Security hardware manufacturer SonicWall has fixed a critical vulnerability in the SonicOS security operating system that allows denial of service attacks and could lead to remote code execution. The security flaw is a stack-based buffer overflow weakness with a 9.4 CVSS severity score and impacting multiple SonicWall firewalls.

The company's researchers noted 623.3 million ransomware attacks globally last year, up 105 per cent on 2020 and more than triple 2019's figure. Cryptojacking in 2021 rose 19 per cent to 97.1 million globally and while malware might have dropped by 4 per cent in 2021, it looked very much like things picked up in the latter part of the year, indicating an upward trend on the cards for 2022.