The cybersecurity firm SonicWall has confirmed that it was hacked after unknown hackers exploited 0-day flaws in its VPN product.
SonicWall has been in news for vulnerabilities in the past but this time, the cybersecurity firm that offers network, email, cloud, access, and end-point security solutions, became the target of ‘sophisticated threat actors’ who hacked the company’s internal systems.
SonicWall Internal Systems Hacked
Interestingly, the company has acknowledged that hackers exploited zero-day vulnerabilities in its secure remote access products to compromise the systems.
See: Hackers leak login credentials of vulnerable Fortinet SSL VPNs
SonicWall referred to the incident as a “coordinated attack” in its brief a security alert released on Friday. It revealed that impacted products include:
“NetExtender VPN client version 10.x (released in 2020) utilized to connect to SMA 100 series appliances and SonicWall firewalls,” and “Secure Mobile Access (SMA) version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances and the SMA 500v virtual appliance.”
The NetExtender VPN client version is used to connect to Secure Mobile Access 100 series appliances and SonicWall firewalls.
SMA Appliances had Zero-Days
Reportedly, SonicWall was hit by ransomware, and hackers managed to steal customer data and forced all the company’s internal systems to shut down on Tuesday. The hackers notified the networking device maker that they stole its source code from its GitLab repository after the breach.
However, it is ..
Support the originator by clicking the read the rest link below.
