Quote:SonicWall is investigating “probable” zero-day flaws in its remote access security products that have been targeted by “highly-sophisticated” attackers. The company says it is investigating the attack and will update customers within 24 hours.
The security company said it is currently investigating its Secure Mobile Access (SMA) 100 series hardware for potential vulnerabilities linked to a reported cyberattack. SMA 100 is a gateway for small- and medium-sized businesses that lets authorized users access resources remotely. SMA 100 also gives system administrators visibility into remote devices that are connecting to the corporate network – and grants endpoints access based on corporate policies.
“Recently, SonicWall identified a coordinated attack on its internal systems by highly sophisticated threat actors exploiting probable zero-day vulnerabilities on certain SonicWall secure remote access products,” according to SonicWall, which first alerted the public of the attack on Friday evening.
SonicWall said current SMA 100 series customers may continue to use NetExtender for remote access with the SMA 100 series, as it has determined that this use case is not susceptible to exploitation. NetExtender is SonicWall’s VPN client for Windows and Linux, and allows customers to connect to SMA 100 for secure access to their company’s network.
SonicWall said that at this time, it is “critical” that organizations with active SMA 100 series appliances enable two-factor authentication (2FA). More information for doing so can be found here.
Read more: https://threatpost.com/sonicwall-breach-...ss/163290/
![[-]](https://www.geeks.fyi/images/collapse.png)
