1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Thousands of SonicWall VPN devices are facing worrying security t

    From TechnologyDaily@1337:1/100 to All on Wednesday, December 18, 2024 20:30:05
    Thousands of SonicWall VPN devices are facing worrying security threats

    Date:
    Wed, 18 Dec 2024 20:16:00 +0000

    Description:
    Many SonicWall VPNs are running outdated and vulnerable software versions.

    FULL STORY ======================================================================BishopFo x scanned the internet for SonicWall VPNs and found hundreds of thousands
    that can be accessed via the internet Tens of thousands were running old, vulnerable software versions Some were past their end-of-life date, putting them at risk of attack

    Tens of thousands of SonicWall VPN firewall platforms are vulnerable to different flaws, putting their users at risk of remote exploitation, data breaches, privilege escalation, and more.

    Cybersecurity researchers at BishopFox scanned the internet with Shodan and BinaryEdge, and running proprietary scripts to analyze the returning data, discovered there were 430,363 endpoints exposed to the internet.

    While this doesnt necessarily mean theyre vulnerable, endpoints such as these ones should not be connected to the wider internet to begin with, since it means crooks could try to access them and look for holes. End of life

    "The management interface on a firewall should never be publicly exposed, as this presents an unnecessary risk," BishopFox said in its report. "The SSL
    VPN interface, although designed to provide access to external clients over the internet, should ideally be protected by source IP address restrictions."

    Drilling deeper, BishopFox found that almost 120,000 endpoints were running versions affected by serious vulnerabilities, including 25,485 endpoints with critical severity flaws, and 94,018 endpoints with high severity bugs. Furthermore, they said that 20,710 endpoints were running versions of the software that are no longer supported by the vendor.

    This presents a rather large attack surface that threat actors can exploit. SonicWall SSL VPN devices are often targeted in different campaigns,
    including the recent strikes by both Fog and Akira ransomware groups . These threat actors were abusing flaws to gain initial access to corporate
    networks, where they later deployed ransomware encryptors and wreaked havoc across enterprise infrastructure.

    To tackle the threat, businesses should make sure they are always running the latest versions of their software, and that their endpoints are still supported by their respective vendors.

    Via BleepingComputer You might also like Sneaky malware abuses CAPTCHA to bypass browser protections Here's a list of the best antivirus These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/thousands-of-sonicwall-vpn-devices-are- facing-worrying-security-threats


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)