(Image source: Sonicwall)
The global leader in security, NCC Group, firmly believes their core team has identified a range of active exploitations within SonicWall networking devices. The report of the exploitation came to light in the previous week. Moreover, the company is yet to reveal the necessary details concerning the exploitation, which might lead to potential attacks. In addition to this, the details regarding the nature of the attack have also not been made public.
NCC Group didn’t make the nature of the attacks public to safeguard the company’s devices from new actors to launch more sophisticated attacks. Rich Warren, a notable security researcher representing the NNC Group, revealed that, after witnessing the attack from a single actor, they had to develop ways to protect the networking devices. Further, NCC Group did some reverse engineering of the request path to find out the bug. Upon experimentation, they found out the bug which the attacker was allegedly using.
The tale of unconfirmed exploits
The team of researchers from NCC Group firmly believes that they’ve identified a similar zero-day vulnerability that the enigmatic attacker used. By the looks of it, the attacker also managed to get into the internal network of SonicWall. The company then disclosed the security breach on the 23rd of January 2021.
Among many devices, the 23 zero-day attacks also rendered Secure Mobile Access gateway infected. Governments and enterprise networks extensively use the SMA for providing an Intranet to employees who work remotely. At the time of writing, SonicWall is yet to admit the unconfirmed exploits’ nature and other details. However, the company is investigating potential vulnerabilities and providing users with new security updates from cybersecurity threats.
