Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
#1
https://thehackernews.com/2021/01/exclus...0-day.html      Exclusive: SonicWall Hacked Using 0-Day Bugs In Its Own VPN Product
January 22, 2021 Ravie Lakshmanan      SonicWall, a popular internet security provider of firewall and VPN products, on late Friday disclosed that it fell victim to a coordinated attack on its internal systems.

The San Jose-based company said the attacks leveraged zero-day vulnerabilities in SonicWall secure remote access products such as NetExtender VPN client version 10.x and Secure Mobile Access (SMA) that are used to provide users with remote access to internal resources.

"Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products," the company exclusively told The Hacker News.

The development comes after The Hacker News received reports that SonicWall's internal systems went down earlier this week on Tuesday and that the source code hosted on the company's GitLab repository was accessed by the attackers.

SonicWall wouldn't confirm the reports beyond the statement, adding it would provide additional updates as more information becomes available.

The complete list of affected products include:

NetExtender VPN client version 10.x (released in 2020) utilized to connect to SMA 100 series appliances and SonicWall firewalls
Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances, and the SMA 500v virtual appliance
The company said its SMA 1000 series is not susceptible to the zero-days and that it utilizes clients different from NetExtender.

It has also published an advisory urging organizations to enable multi-factor authentication, disable NetExtender access to the firewall, restrict access to users and admins for public IP addresses, and configure whitelist access on the SMA directly to mitigate the flaws.

With a number of cybersecurity vendors such as FireEye, Microsoft, Crowdstrike, and Malwarebytes becoming targets of cyberattacks in the wake of SolarWinds supply chain hack, the latest breach of SonicWall raises significant concerns.

"As the front line of cyber defense, we have seen a dramatic surge in cyberattacks on governments and businesses, specifically on firms that provide critical infrastructure and security controls to those organizations," SonicWall said.

(This is a developing story. We will update it as and when more updates are available.)
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Latest Mirai Variant Targets SonicWall, D-Link and IoT Devices Bjyda 0 1,131 03-17-2021 , 04:27 PM
Last Post: Bjyda
  F5 urges customers to patch 4 critical BIG-IP pre-auth RCE bugs Bjyda 0 1,073 03-11-2021 , 10:48 PM
Last Post: Bjyda
  Critical Bugs in WordPress Plugins Let Hackers Take Over Sites tarekma7 0 1,412 02-29-2020 , 07:22 PM
Last Post: tarekma7
  Apple Tackles Over a Dozen Bugs in its Catalina 10.15 Update dhruv2193 0 1,760 10-09-2019 , 06:10 PM
Last Post: dhruv2193
  VLC Media Player and MPlayer contain critical vulnerability bugs mrtrout 0 1,844 10-22-2018 , 10:47 PM
Last Post: mrtrout



Users browsing this thread: 1 Guest(s)