Imminent' ransomware targeting firmware, says Sonicwall
By MYBRANDBOOK
SonicWall sent out an urgent notice to its customers about "an imminent ransomware campaign using stolen credentials" that is targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware.
In addition to the notice posted to its website, SonicWall sent an email to anyone using SMA and SRA devices, urging some to disconnect their devices immediately. They worked with Mandiant and other security companies on the issue, according to the release.
The company said, "The exploitation targets a known vulnerability that has been patched in newer versions of firmware. SonicWall PSIRT strongly suggests that organizations still using 8.x firmware review the information below and take immediate action."
SonicWall urged their users to update to the latest available SRA and SMA firmware, explaining that those who don't deal with the vulnerabilities are "at imminent risk of a targeted ransomware attack."
Anyone using SRA 4600/1600 (EOL 2019), SRA 4200/1200 (EOL 2016) or SSL-VPN 200/2000/400 (EOL 2013/2014) should disconnect their appliances immediately and change all associated passwords.
SonicWall said, "Organizations using the following end-of-life SMA and/or SRA devices running firmware 8.x should either update their firmware or disconnect their appliances per guidance below. If your organization is using a legacy SRA appliance that is past end-of-life status and cannot update to 9.x firmware, continued use may result in ransomware exploitation. The affected end-of-life devices with 8.x firmware are past temporary mitigations. Continued use of this firmware or end-of-life devices is an active security risk. To provide a transition path for customers with end-of-life devices that cannot upgrade to 9.x or 10.x firmware, we're providing a complimentary virtual SMA 500v until October 31, 2021."
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
AMARA RAJA POWER SYSTEMS LTD.
HAVELLS INDIA LTD.
SAFE SECURITY SERVICES PVT. LTD.
VERSA NETWORKS INDIA PVT. LTD.
Technology Icons Of India 2023: Natarajan Chandrasekaran
Natarajan Chandrasekaran is the Chairman of the Board of Tata Sons, th...
Technology Icons Of India 2023: Sunil Bharti Mittal
Sunil Bharti Mittal is the Founder and Chairman of Bharti Enterprises,...
Technology Icons Of India 2023: Hari Om Rai
Hari Om Rai is the Co-founder, Chairman & Managing Director of Lava In...
New defence PSUs will help India become self-reliant
MIL, India’s biggest manufacturer and market leader is engaged in Pr...
STPI encouraging software exports from India
Software Technology Parks of India (STPI) is an S&T organization under...
ECIL continues to keep India ahead in the growth of Information Technology and Electronics
ECIL played a very significant role in the training and growth of high...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...
B D SOFTWARE
BD Software is the distributor of IT security solutions in India. The ...
WPG C&C COMPUTERS & PERIPHERALS PVT. LTD.
WPG C&C Computers & Peripherals (India) was incorporated in 2008 and ...