Latest Posts

Stay in Touch With Us

Odio dignissim qui blandit praesent luptatum zzril delenit augue duis dolore.


+32 458 623 874

302 2nd St
Brooklyn, NY 11215, USA
40.674386 – 73.984783

Follow us on social

SonicWall, another security company victim of a sophisticated attack

SonicWall, another security company victim of a sophisticated attack Security vendor SonicWall has announced that it has been the victim of a sophisticated cyber attack on its systems, just the latest in a worrying sequence against companies in the security sector. Security solution provider SonicWall is the latest victim of a sophisticated cyber attack, the company revealed the incident last Friday. According to SonicWall experts, the company’s systems were targeted by a coordinated attack, according to early revelations from an initial investigation, the attackers exploited zero-day vulnerabilities in their company’s VPN solutions, such as NetExtender. Client VPN version 10.x and Secure Mobile Access (SMA). A zero-day flaw is a vulnerability not publicly known at the time of the attack, a circumstance that provides the attacker with an important advantage and a high probability of success. In most cases investigated in the literature, attackers capable of exploiting zero-day vulnerabilities have high capabilities, often we are faced with advanced and persistent attackers, also known as APTs, who operate on behalf of governments. According to the site The Hacker News which first reported the news, SonicWall’s internal systems were not available since last Tuesday, also according to the popular cybersecurity portal, the attackers would have had access to the source code hosted on the company’s GitLab repository. . The latter claim, if confirmed, could have serious repercussions for customers as attackers could analyze the code to find flaws that allow them to bypass the company’s security measures installed at its customers. SonicWall immediately launched an investigation into the incident and announced that it will provide further updates as more information emerges from the investigation. Below is the list of impacted products: NetExtender VPN client version 10.x (released in 2020) used to connect to SMA 100 series appliances and SonicWall firewalls Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical devices and the SMA 500v virtual appliance. SonicWall has issued an urgent security alert for the presence of flaws in NetExtender VPN Client 10.X products, and SMA 100 products, and has also provided customers with a series of recommendations to protect themselves from attacks that exploit the very vulnerabilities it took. aims in recent attacks. “Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities found in certain secure remote access products. The products concerned are: NetExtender VPN client version 10.x (released in 2020) used to connect to SMA 100 series appliances and SonicWall firewalls Secure Mobile Access (SMA) version 10.x running on physical devices SMA 200, SMA 210, SMA 400, SMA 410 and the SMA 500v virtual appliance The NetExtender VPN client and SMA 100 series oriented to SMEs are used to provide employees / users with remote access to internal resources. The SMA 1000 series is not subject to this vulnerability and uses clients other than NetExtender. ” states the urgent safety notice published by the safety provider. FOR THE SMA 100 SERIES, the supplier recommends using a firewall to only allow SSL-VPN connections to the SMA appliance from known / whitelisted IPs or to configure access to the whitelist directly on the SMA itself. FOR FIREWALL WITH SSL-VPN ACCESS VIA NETEXTENDER VPN CLIENT, the security company recommends organizations using VERSION 10.X to disable NetExtender access to firewalls or restrict access to users and administrators via an authorization list / whitelist for their public IPs. SonicWall also recommends enabling multi-factor authentication on all SONICWALL SMA, Firewall and MYSONICWALL accounts. This incident could potentially have a significant impact on multiple organizations using the above products. The attack on SonicWall is only the latest incident to hit a cybersecurity provider. A few days ago, the anti-malware solutions company MalwareBytes revealed that it was hit by the same attackers who, by compromising the supply chain in SolarWinds software, infected companies around the world, including several US government agencies.

Pierluigi Paganini

Pierluigi Paganini

Ultimo aggiornamento il 25 Gennaio 2021 alle 11:39

Eu solet iudico suavitate sit. Eam eu dicant epicuri volutpat. Illud decore eam ea, ad vim solum urbanitas. Eos feugait intellegat interesset ut, mediocrem voluptatum eum ad, at graecis copiosae patrioque visore.


  • Aaron Hill
    October 31, 2017

    Augue duis dolore te feugait nulla facilisi. Nam liber tempor cum soluta nobis eleifend option congue nihil imperdiet doming id quod mazim placerat facer possim assum.

    • Ryan Foster
      October 31, 2017

      Lorem ipsum dolor sit amet, sit magna iracundia consectetuer eu, in ferri suscipit postulant vel. Et per sint solet verear. Elit iusto.

    • Mary Barnett
      October 31, 2017

      Case justo periculis quo et, nec no labore propriae conceptam. Ei ius possim evertitur comprehensam, autem vivendo constituam.

Post a Comment

You don't have permission to register