Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

Briefly

"SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks," the company said. It also noted that it's working to notify all partners and customers, adding it has released tools to assist with device assessment and remediation. The company is also urging users to log in and check"

"The list of impacted devices available on the MySonicWall portal has been assigned a priority level to help customers prioritize remediation efforts. The labels are as follows - Active - High Priority: Devices with internet-facing services enabled Active - Lower Priority: Devices without internet-facing services Inactive: Devices that have not pinged home for 90 days It previously stated that the threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its customers,"

"Users are advised to follow the steps below with immediate effect - Log in to MySonicWall.com account and verify if cloud backups exist for registered firewalls If fields are blank, there is no impact If fields contain backup details, verify whether impacted serial numbers are listed in the account If Serial Numbers are shown, users should follow the containment and remediation guidelines for the listed firewalls"