SonicWall investigates 'cyber incidents' amid 0-day reports
Briefly

SonicWall confirmed the investigation of ransomware targeting Gen 7 firewalls with SSL VPN enabled, following reports of a zero-day exploit. The company is collaborating with third-party threat research teams to ascertain the nature of the vulnerabilities. Customers are advised to disable SSL VPN services where practical, limit connectivity to trusted IPs, enable security services, remove inactive accounts, promote strong passwords, and enforce MFA for remote access. There is a warning that MFA alone may not fully protect against the ongoing threats.
SonicWall is actively investigating a recent increase in reported cyber incidents involving a number of Gen 7 firewalls running various firmware versions with SSL VPN enabled.
We are working closely with these organizations to determine whether the activity is tied to a previously disclosed vulnerability or represents a zero-day vulnerability.
SonicWall promised to release updated firmware and guidance 'as quickly as possible'.
The vendor urged customers using Gen 7 firewalls to disable SSL VPN services 'where practical'.
Read at Theregister
[
|
]