Two-factor authentication, Virtual private network, Authentication, Risk, Security, Zero day attack

Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST]

On Feb 2, 2021
@jaysonstreet shared
RT @NCCGroupInfosec: Per the @SonicWall advisory - https://t.co/teeOvpwFMD - we've identified and demonstrated exploitability of a possible candidate for the vulnerability described and sent details to SonicWall - we've also seen indication of indiscriminate use of an exploit in the wild - check logs
Open

Reset user passwords for accounts that utilized the SMA 100 series with 10.X firmware If the SMA 100 series (10.x) is behind a firewall, block all access to the SMA 100 on the firewall; Shut down the SMA 100 series device (10.x) until a patch is available; or Load firmware version 9.x ...

www.sonicwall.com
On Feb 2, 2021
@jaysonstreet shared
RT @NCCGroupInfosec: Per the @SonicWall advisory - https://t.co/teeOvpwFMD - we've identified and demonstrated exploitability of a possible candidate for the vulnerability described and sent details to SonicWall - we've also seen indication of indiscriminate use of an exploit in the wild - check logs
Open

Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST]

Urgent Security Notice: SonicWall Confirms SMA 100 Series 10. X Zero-Day Vulnerability [Feb. 1, 2 P.M. CST]

Reset user passwords for accounts that utilized the SMA 100 series with 10.X firmware If the SMA 100 series (10.x) is behind a firewall, block all access to the SMA 100 on the firewall; ...

SonicWall says it was hacked using zero-days in its own products

SonicWall says it was hacked using zero-days in its own products

The networking device vendor has published a series of mitigations as it's investigating the incident and preparing patches.

Urgent Security Notice: NetExtender VPN Client 10.x, SMA 100 Series Vulnerability [Updated Jan. 23, 2021]

Urgent Security Notice: NetExtender VPN Client 10.x, SMA 100 Series Vulnerability [Updated Jan. 23, 2021]

SMA 100 Series: This product remains under investigation for a vulnerability, however we can issue the following guidance on deployment use cases: Current SMA 100 Series customers may ...

SonicWall Updates Zero Day Issues

SonicWall Updates Zero Day Issues

SonicWall identified a coordinated attack on its internal systems by sophisticated threat actors exploiting probable Zero Day vulnerabilities on SonicWall secure remote access products.

SonicWall Says 'a Few Thousand Devices' Impacted by Zero-Day Vulnerability

SonicWall Says 'a Few Thousand Devices' Impacted by Zero-Day Vulnerability

SonicWall has confirmed that its SMA 100 series remote access appliances are affected by an actively exploited vulnerability, and says a few thousand devices are impacted.

CISA Alerts About Path Traversal Vulnerability in Fortinet VPNs

CISA Alerts About Path Traversal Vulnerability in Fortinet VPNs

The path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests.

CyberheistNews Vol 10 #53 [Heads Up] Here's Some Powerful Ammo to Grab More of Your Year-End InfoSec Budget

CyberheistNews Vol 10 #53 [Heads Up] Here's Some Powerful Ammo to Grab More of Your Year-End InfoSec Budget

CyberheistNews Vol 10 #53 [Heads Up] Here's Some Powerful Ammo to Grab More of Your Year-End InfoSec Budget

What is Your Disaster Recovery Plan? 5 Core Practices to Ensure Business Continuity

What is Your Disaster Recovery Plan? 5 Core Practices to Ensure Business Continuity

What is a disastery recovery or business continuity plan (BCP)? Five best practices to protect your business in the face of disaster.

Actively exploited SonicWall zero-day affects SMA 100 series appliances

Actively exploited SonicWall zero-day affects SMA 100 series appliances

SonicWall has confirmed that the actively exploited zero-day vulnerability affects its Secure Mobile Access (SMA) 100 series appliances.

SonicWall warns customers about zero-day vulnerabilities

SonicWall warns customers about zero-day vulnerabilities

Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.

TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover

TP-Link Archer Router Vulnerability Voids Admin Password, Can Allow Remote Takeover

Find the latest security analysis and insight from top IT security experts and leaders, made exclusively for security professionals and CISOs.

SonicWall Probes Attack Using Zero-Days in Own Products

SonicWall Probes Attack Using Zero-Days in Own Products

SonicWall Probes Attack Using Zero-Days in Own Products. SMA 100 Series under investigation after “sophisticated” attack

SonicWall firewall maker hacked using zero-day in its VPN device

SonicWall firewall maker hacked using zero-day in its VPN device

Security hardware manufacturer SonicWall has issued an urgent security notice about threat actors exploiting a zero-day vulnerability in their VPN products to perform attacks on their ...

IoT security: Protect your home against cyberattacks

IoT security: Protect your home against cyberattacks

As your home becomes smarter and more connected, you're also more vulnerable to privacy cybersecurity threats. Here's how you can protect yourself.

Holiday scams to be aware of, and how to protect yourself

Holiday scams to be aware of, and how to protect yourself

"Don't overshare on Social Media. Sharing holiday memories with family and friends online is great, but don't give hackers a digital key to hijack your life." We have more information on ...