SonicWall warns of imminent ransomware attack


Friday, 16 July, 2021
SonicWall warns of imminent ransomware attack

SonicWall, a network and cybersecurity appliance provider, has issued an urgent notice about “an imminent ransomware campaign using stolen credentials”.

Threat actors are actively targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life (EOL) 8.x firmware, the company said.

“The exploitation targets a known vulnerability that has been patched in newer versions of firmware.”

The company’s product security incident response team (PSIRT) is strongly suggesting organisations still using 8.x firmware review the information provided and “take immediate action”. The SMA 1000 series products are not affected by the notice, which is specifically for the SMA 100 and the older SRA series (reference lists for current SMA products and end-of-life products).

“Customers with SRA and/or SMA 100 series with 9.x and 10.x firmware should continue to follow best practices such as update to the latest available SMA firmware or update to the latest SRA firmware, and enable multifactor authentication (MFA).

“The affected end-of-life devices with 8.x firmware are past temporary mitigations. Continued use of this firmware or end-of-life devices is an active security risk.

“Organisations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack.”

Those using the following end-of-life SMA and/or SRA devices running firmware 8.x should either update their firmware or disconnect their appliances per guidance provided here, the company said.

“Organisations using a legacy SRA appliance that is past end-of life status and cannot update to 9.x firmware, continued use may result in ransomware exploitation.

“To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we’re providing a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained,” SonicWall said.

Image credit: ©stock.adobe.com/au/Maksim Smeljov

Related News

Veeam buys ransomware response company Coveware

Veeam has arranged to augment its cyber extortion incident response capabilities with the...

Commvault arranges to buy Appranix

Cyber resilience provider Commvault plans to leverage its acquisition of Appranix to help...

Fujitsu establishes security consulting division

Fujitsu's new digital security consulting division will help organisations prepare for and...

Content from other channels on our network

Drive the future of transportation with SCHURTER

Australia's largest electronics expo returns to Sydney

Robotic lab enhances battery manufacturing

Machine learning used to create fabric-based touch sensor

Hybrid sodium-ion battery can be charged in a few minutes

Central Highlands Water chooses Infor for ERP

The benefits and risks of AI usage in the public sector

Cobalt Iron earns patent on analytics-based dynamic authorisation control

Shoalhaven City Council uses AI to deliver safer roads to the community

Smart technologies: helping councils improve community services and sustainability

LAPP ÖLFLEX CLASSIC 110 control cables empower industrial connectivity

Delivering Dependable Fibre Optic Solutions for Challenging Environments through Enhanced Beam Cable Assemblies

Indonesia moves towards power grid resilience

Qld networks launch powerline safety campaign

Virtual power plants installed at regional schools

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd