Attackers breached over 100 SonicWall SSLVPN accounts using stolen credentials, with malicious activity detected from October 4th to at least…
Read More »SonicWall
Entity category: organization
GreyNoise reported a 500% surge in reconnaissance scans targeting Palo Alto Networks login interfaces, with 1,300 distinct IPs detected on…
Read More »
SonicWall confirmed that attackers used brute-force methods to access its cloud backup API, compromising configuration backup files for all customers…
Read More »
Akira ransomware is bypassing multi-factor authentication on SonicWall SSL VPN devices, likely using stolen OTP seeds to generate valid tokens…
Read More »
Akira ransomware attacks can achieve full network encryption in as little as four hours after initial VPN access, leaving organizations…
Read More »
A ransomware group named Akira is exploiting SonicWall SSL VPN appliances, primarily through a known vulnerability (CVE-2024-40766), to bypass multi-factor…
Read More »
A wave of sophisticated cyberattacks is exploiting newly discovered zero-day vulnerabilities in critical enterprise infrastructure, including Cisco's ASA and Fortra's…
Read More »
SonicWall has released a critical firmware update for its SMA 100 series to scan for and remove the OVERSTEP rootkit,…
Read More »
SonicWall has released a critical firmware update for its SMA 100 series appliances that can eradicate the OVERSTEP rootkit malware,…
Read More »
SonicWall experienced a security breach where unauthorized access to its cloud backup service exposed sensitive firewall configuration data for a…
Read More »
SonicWall experienced a security breach affecting 5% of its firewall installations, where unauthorized access to cloud backup files exposed sensitive…
Read More »
SonicWall has advised customers to reset passwords after detecting unauthorized access to firewall configuration backup files in some MySonicWall accounts,…
Read More »
WatchGuard has disclosed a critical remote code execution vulnerability (CVE-2025-9242) in its Firebox firewalls, allowing unauthenticated attackers to run arbitrary…
Read More »
Modern ransomware groups exploit minor security oversights, such as human error and misconfigurations, to bypass multi-factor authentication and disable critical…
Read More »
Major platforms like Salesloft and Drift were breached via unauthorized GitHub access, emphasizing the need for strong access controls and…
Read More »
The Akira ransomware group is exploiting CVE-2024-40766, a known vulnerability in SonicWall VPN appliances, to breach unpatched corporate networks. Despite…
Read More »
SonicWall firewalls are still being exploited by Akira ransomware affiliates due to unpatched vulnerabilities and misconfigurations, including CVE-2024-40766 and SSLVPN…
Read More »
SonicWall confirmed recent ransomware attacks exploited outdated vulnerabilities (CVE-2024-40766) and weak passwords, not a zero-day flaw, despite initial concerns about…
Read More »
A ransomware campaign exploits Intel's ThrottleStop driver (rwdrv.sys) to disable Microsoft Defender via BYOVD attacks, deploying a malicious driver (hlpdrv.sys)…
Read More »
SonicWall has issued an urgent alert to disable SSLVPN services due to potential zero-day exploits targeting Gen 7 firewalls, with…
Read More »