Topic: credential reset

Sort by: Relevance | Date
  • SonicWall Urges Password Reset Following Security Breach
    September 19, 2025
    88%

    SonicWall Urges Password Reset Following Security Breach

    SonicWall has advised customers to reset passwords after detecting unauthorized access to firewall configuration backup files in some MySonicWall accounts, which contain sensitive data like credentials and tokens. The company confirmed this was not a ransomware attack but a series of targeted bru...

    Read More »
  • Akira Ransomware: 4 Hours from VPN Login to Total Encryption
    September 30, 2025
    85%

    Akira Ransomware: 4 Hours from VPN Login to Total Encryption

    Akira ransomware attacks can achieve full network encryption in as little as four hours after initial VPN access, leaving organizations with a very narrow window for detection and response. Attackers exploit stolen SonicWall VPN credentials and bypass multi-factor authentication to systematically...

    Read More »
  • SonicWall Firewall Backups Compromised by Attackers
    October 11, 2025
    82%

    SonicWall Firewall Backups Compromised by Attackers

    SonicWall confirmed that attackers used brute-force methods to access its cloud backup API, compromising configuration backup files for all customers who used the service, contradicting earlier statements about a limited impact. The compromised files contain sensitive data like network settings, ...

    Read More »
  • FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited
    December 19, 2025
    80%

    FortiGate Firewalls Under Attack: Critical Auth Bypass Exploited

    Attackers are actively exploiting a critical Fortinet firewall vulnerability (CVE-2025-59718) to bypass authentication and steal sensitive network configuration files containing encrypted credentials. The flaw, along with a related one (CVE-2025-59719), stems from improper cryptographic signature...

    Read More »
  • State-Sponsored Hackers Breached SonicWall in September
    November 6, 2025
    78%

    State-Sponsored Hackers Breached SonicWall in September

    State-sponsored hackers breached SonicWall's cloud environment in September, accessing firewall configuration backup files via an API call, but no products, firmware, or customer networks were compromised. The exposed backup files contained sensitive credentials, prompting SonicWall to advise aff...

    Read More »
  • Akira Ransomware Bypasses MFA to Breach SonicWall VPNs
    October 5, 2025
    70%

    Akira Ransomware Bypasses MFA to Breach SonicWall VPNs

    Akira ransomware is bypassing multi-factor authentication on SonicWall SSL VPN devices, likely using stolen OTP seeds to generate valid tokens despite security patches. Attackers exploit the CVE-2024-40766 vulnerability to steal credentials, which they reuse even on patched systems, gaining rapid...

    Read More »
  • SonicWall SMA Devices Still Infected with Stealthy OVERSTEP Malware
    July 18, 2025
    70%

    SonicWall SMA Devices Still Infected with Stealthy OVERSTEP Malware

    Cybersecurity experts discovered a malware campaign targeting outdated SonicWall SMA 100 devices, deploying the stealthy OVERSTEP backdoor via stolen admin credentials and potential vulnerabilities. The OVERSTEP malware hijacks system functions, steals sensitive data, and evades detection, with a...

    Read More »
  • SonicWall SMA100 Update Eradicates Rootkit Malware
    September 24, 2025
    60%

    SonicWall SMA100 Update Eradicates Rootkit Malware

    SonicWall has released a critical firmware update for its SMA 100 series appliances that can eradicate the OVERSTEP rootkit malware, which enables persistent unauthorized access and data theft. The update is urgent due to active attacks by threat actor UNC6148, who uses the rootkit to steal sensi...

    Read More »

Related Topics

security breach (3) data exposure (3) incident response (2) akira ransomware (2) cve-2024-40766 (2) cybersecurity threats (2) zero-day exploit (2) vulnerability exploitation (2)