"SonicWall Network Attacked via Zero Day in Its Secure Access Solution"

The cybersecurity company SonicWall has announced that highly sophisticated threat actors targeted its secure remote access products. SonicWall's product line includes security solutions for networks, remote access, email, cloud technology, and endpoints. SonicWall revealed that attackers might have exploited zero-day flaws in its Secure Mobile Access (SMA) 100 Series, specifically SMA client version 10.x running on SMA 200, SMA 210, SMA 400, SMA 410 physical appliances, and the SMA 500v virtual appliance. Affected SonicWall customers are advised to use only SSL-VPN connections to the SMA appliance from whitelisted IPs, enable multi-factor authentication (MFA) on all SonicWall SMA accounts, and more. This article continues to discuss the coordinated attack on SonicWall's internal systems involving the exploitation of zero-day vulnerabilities contained by some of its remote access products as well as mitigation guidelines provided to customers by the company. 

SC Media reports "SonicWall Network Attacked via Zero Day in Its Secure Access Solution"