NG Solution Team
Technology

Is SonicWall Facing a New Zero-Day Cyber Threat?

SonicWall has announced an investigation into a surge of ransomware attacks targeting its firewall devices, amid concerns of a potential zero-day vulnerability being actively exploited in its VPNs. The company is collaborating with several threat research teams to determine the nature of the vulnerability, whether it is previously known or a new zero-day issue. In the interim, SonicWall advises users of Gen 7 firewalls to disable SSL VPN services if possible and follow specific security measures, including limiting VPN connectivity to trusted IPs, enabling security services, removing inactive accounts, enforcing strong passwords, and using multi-factor authentication. Despite these precautions, SonicWall warns that MFA alone may not prevent the ransomware attacks being investigated. The attacks, suspected to involve the Akira ransomware, have been quick and effective, even in environments with MFA enabled, indicating a zero-day vulnerability might be in play. The attackers are rapidly moving from compromised devices to domain controllers, stealing credentials, disabling security tools, and deploying ransomware. This campaign is ongoing, and its full scope remains uncertain as investigations continue. This could potentially mark SonicWall’s second zero-day incident this year, following a critical bug warning in January.

Related posts

Has Apple Released iOS 18.6 to Address a Critical Security Flaw?

David Jones

Are US and EU users open to adopting Chinese AI models?

James Smith

How does Samsung enhance blood donation comfort with Galaxy XR?

Emily Brown

Leave a Comment

This website uses cookies to improve your experience. We assume you agree, but you can opt out if you wish. Accept More Info

Privacy & Cookies Policy