SonicWall Suggests People Unplug Their End-of-life Gateways Under 'active Attack' By Ransomware Crims
SonicWall has warned that its older Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) gateways are being attacked in the wild by crooks to spread ransomware – and as some of those devices are end-of-life, don't expect any patches to protect them.
In an emergency alert on Wednesday, the networking biz said miscreants are "actively targeting" the equipment to, as we understand it, steal credentials from them to compromise networks for "an imminent ransomware campaign."
The SRA 4600/1600 (which went end-of-life in 2019), the SRA 4200/1200 (2016), and SSL-VPN 200/2000/400 (2013-2014) running firmware version 8.x are too out of date for SonicWall to patch, so users are told to unplug the gear and reset any account passwords that share the same credentials as the details may have been stolen.
The SMA 400/200, which is just about still supported, can be updated to firmware versions 10.2.0.7-34 or 9.0.0.10, which are said to be safe from the attacks, though you should still reset any associated passwords that may have been stolen, and enable multi-factor authentication where you can.
The SMA 210/410/500v, which is still supported, should be upgraded to version 10.2.0.7-34sv or 9.0.0.10-28sv to mitigate the vulnerabilities, though we're told they are not under active attack.
"Organizations that fail to take appropriate actions to mitigate these vulnerabilities on their SRA and SMA 100 series products are at imminent risk of a targeted ransomware attack," SonicWall advised.
"If your organization is using a legacy SRA appliance that is past end-of life status and cannot update to 9.x firmware, continued use may result in ransomware exploitation."
- If you want to practice writing exploits and worms, there's a big hijacking hole in SonicWall firewall VPNs
- As the world secures itself, so do crims: Encrypted malware on the rise, warns Sonicwall
- Microsoft warns of serious vulnerabilities in Netgear's DGN2200v1 router
- Un-Delled SonicWall beefs up firewall to wrestle ransomware
Funnily enough, for customers with gear that can't be fixed, SonicWall is offering "a complimentary virtual SMA 500v until October 31, 2021. This should provide sufficient time to transition to a product that is actively maintained." See the above advisory for details.
"SonicWall would like to thank Mandiant and their team of threat researchers for collaboration on this subject," it added. ®
Taking Flight: Volocopter's Quest To Revolutionize Urban Mobility Gains Momentum
Volocopter, a pioneering company in the field of urban air mobility, is on a mission to transform how people move around... Read more
OnlyFans Under The Microscope: Addressing Concerns Over Child Safety
Concerns Over Child SafetyOnlyFans' ResponseRegulatory ActionsCollaborative EffortsFuture DirectionsConclusion Read more
The AI Arms Race: Big Tech's Bid For Dominance In Artificial Intelligence
In the rapidly evolving landscape of technology, the race for dominance in artificial intelligence (AI) has intensified ... Read more
Decoding The Impact Of OpenAI's Sora Video Model On Industries And Jobs
In the realm of artificial intelligence, OpenAI's Sora video model stands out as a groundbreaking innovation, promising ... Read more
Apple Poaches Top Talent From Google To Strengthen AI Team
As artificial intelligence (AI) continues to shape the future of technology, companies are intensifying their efforts to... Read more
Meta's Bold Move: How Chatbots Are Reshaping The Tech Landscape
In a strategic pivot that has sent ripples across the tech industry, Meta has embarked on a bold journey into the realm ... Read more