Security News
UPDATE] Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by "Highly sophisticated threat actors" exploiting what appear to be zero-day vulnerabilities affecting some of the company's products. The SMA 100 Series product remains under investigation, SonicWall said.
SonicWall announced the expansion of its Capture Cloud Platform with the addition of the high-performance NSa 2700 firewall and three new cost-effective TZ firewall options. The new SonicWall NSa 2700 expands multi-gigabit threat performance to enterprises, MSSPs, government agencies, as well as key retail, healthcare and hospitality verticals.
A critical vulnerability in a SonicWall enterprise VPN firewall can be exploited to crash the device or remotely execute code on it, reverse engineers said this week. In a statement SonicWall said it "Was contacted by a third-party research team regarding issues related to SonicWall next-generation virtual firewall models." The spokesman went on to say that SonicWall's own engineers discovered even more vulns while reproducing Tripwire's findings, going on to develop patches for the whole lot.
Earlier this week SonicWall patched 11 vulnerabilities affecting its Network Security Appliance. The SonicWall NSAs are next-generation firewall appliances, with a sandbox, an intrusion prevention system, SSL/TLS decryption and inspection capabilities, network-based malware protection, and VPN capabilities.
A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability and Exposure Research Team and Nikita Abramov of Positive Technologies have been credited with discovering and reporting the vulnerability.
A significant number of SonicWall firewalls may be affected by a critical vulnerability that can be exploited for denial-of-service attacks and possibly arbitrary code execution. The vulnerability, identified as CVE-2020-5135, impacts various versions of SonicOS, the operating system powering SonicWall firewalls.
UPDATE. A critical security bug in the SonicWall VPN portal can be used to crash the device and prevent users from connecting to corporate resources. "The most notable aspect of this vulnerability is that the VPN portal can be exploited without knowing a username or password," Young told Threatpost.
To ensure cybersecurity administration is easier and more accessible, SonicWall announced new zero touch-enabled, multi-gigabit SonicWall TZ firewalls with SD-Branch capabilities, along with a redesigned cloud-native management console that helps streamline operations through fresh and modern user interfaces. "SonicWall's new SD-Branch ready next-generation firewalls, along with re-engineered SonicOS, provide multi-gig malware inspection for increased security needs and advanced protection against threats hiding in the encrypted TLS 1.3 traffic."
To simplify security deployment, management and visibility for organizations with growing branch footprints, SonicWall unveils new secure SD-Branch capabilities, and a complete line of new multi-gigabit switches, to cost-effectively scale and manage remote or branch locations. To simplify the management needs associated with distributed locations, campuses and branch offices, new SonicWall secure SD-Branch capabilities deliver single-pane-of-glass management across LAN, WAN and security controls.
"What we are seeing is a heroic undertaking by organizations to quickly and efficiently provide security for an unexpected rise in a remote, mobile workforce that will permanently change the way they operate," said SonicWall President and CEO Bill Conner. The platform delivers seamless protection that stops the most evasive cyberattacks across endless exposure points and increasingly remote, mobile and cloud-enabled workforces.