The record on this company and its lack of prudence speaks volumes. There are others out there who have the same issues that should be out of business as well. Keeping their infrastructure patched and getting rid of sloppy coded software / vulnerable hardware isn’t a priority.
AI Overview
SonicWall has been the target of multiple data breaches and security vulnerabilities. Notably, the healthcare sector has been severely impacted, with 14 million patients affected by malware breaches. Additionally, several vulnerabilities have been identified in SonicWall’s SMA100 SSL-VPN devices, including those exploited by the UNC6148 group.
Here’s a more detailed look:
Key Issues:
- Healthcare Sector Vulnerability:
A significant portion of healthcare breaches in the U.S. involve ransomware, with 91% of attacks using this method, according to a SonicWall report.
- Malware Breaches:
14 million patients in the U.S. healthcare sector have been victims of malware breaches, highlighting the severity of the situation.
Several vulnerabilities in the SonicWall SMA100 SSL-VPN have been identified, with some being actively exploited.
- UNC6148 Group:
The UNC6148 group has been linked to the exploitation of SonicWall SMA appliances, potentially using a zero-day vulnerability to deploy the OVERSTEP rootkit.
- Ransomware Attacks:
Increased ransomware activity, including Fog and Akira, has been observed and linked to SonicWall SSL-VPN exploitation, according to Arctic Wolf.
A critical improper access control vulnerability (CVE-2024-40766) in SonicWall SonicOS was identified, potentially allowing unauthorized resource access.
SonicWall firewall devices hit in surge of Akira ransomware attacks
SA