Ransomware Alert! SonicWall Asks Users to Fix Flaws in SRA and…

Ransomware Alert! SonicWall Asks Users to Fix Flaws in SRA and…

flaws in SonicWall SRA SMA

Read Aloud

Ransomware attacks have become sophisticated and continue to affect the cybersecurity community. The constant development of security defenses has become imperative for organizations amidst evolving attack vectors. Addressing unpatched flaws and monitoring security alerts in the systems can help mitigate the risks. Recently, security solutions provider SonicWall issued an emergency notice warning its customers of a ransomware campaign exploiting unpatched vulnerabilities in Secure Mobile Access (SMA) 100 series, Secure Remote Access (SRA) products, and end-of-life 8.x firmware.

SonicWall stated that attackers leveraged stolen credentials to exploit the known vulnerabilities; however, they have been fixed in the newer versions of firmware. The company urged its customers to update the vulnerable SMA and SRA devices as early as possible due to the risk of potential ransomware attacks.

Mitigation

As an immediate security measure, SonicWall asked enterprises using the vulnerable end-of-life SMA and SRA devices running firmware 8.x to either update or disconnect the services. The vulnerable products include:

  • SRA 4600/1600 (EOL 2019)
  • SRA 4200/1200 (EOL 2016)
  • SSL-VPN 200/2000/400 (EOL 2013/2014)
  • SMA 400/200 
  • SMA 210/410/500v

“The affected end-of-life devices with 8.x firmware are past temporary mitigations. Continued use of this firmware or end-of-life devices is an active security risk. Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack,” SonicWall warned.

SonicWall also recommended users reset all passwords linked to SMA and SRA systems and enable multifactor authentication as an additional security measure.

Unpatched Bugs – An Imminent Threat

In a similar emergency directive, the Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to address a zero-day vulnerability in Windows Print Spooler, which is being exploited in the wild.

CISA issued the alert after Microsoft raised a red flag about the flaw, dubbed PrintNightmare. The remote code execution (RCE) flaw CVE-2021-34527 could allow a remote hacker to disrupt the Windows Print Spooler operations. Read More Here…

NEWEST POSTS

Our trusted sources

We only publish news from well-known cybercrime magazines via RSS. You will find here everything about hackers & cybercrime. Also you can visit the direct sources from us.

Just click on one of the buttons.

PROTECT YOURSELF

Check out our Guidebook page.  And read everything about it.  Also how to protect yourself from hacker attacks.  An all in one thing.