The Register reports:
SonicWall on Monday confirmed that it’s investigating a rash of ransomware activity targeting its firewall devices, following multiple reports of a zero-day bug under active exploit in its VPNs.
“SonicWall is actively investigating a recent increase in reported cyber incidents involving a number of Gen 7 firewalls running various firmware versions with SSL VPN enabled,” a company spokesperson told The Register.
“These cases have been flagged both internally and by third-party threat research teams, including Arctic Wolf, Google Mandiant, and Huntress,” the spokesperson continued. “We are working closely with these organizations to determine whether the activity is tied to a previously disclosed vulnerability or represents a zero-day vulnerability.”
While the firewall vendor has yet to confirm a new bug, if and when it does spot a security flaw, SonicWall promised to release updated firmware and guidance “as quickly as possible.”
If you are a customer using Gen 7 firewalls, read the rest of The Register’s report to find out what you should do.
