SonicWall said it confirmed an attack on its MySonicWall.com platform that exposed customers’ firewall configuration files — the latest in a steady stream of security weaknesses impacting the besieged vendor and its customers.
The company’s security teams began investigating suspicious activity and validated the attack “in the past few days,” Bret Fitzgerald, senior director of global communications at SonicWall, told CyberScoop. “Our investigation determined that less than 5% of our firewall install base had backup firewall preference files stored in the cloud for these devices accessed by threat actors.”
While SonicWall customers have been repeatedly bombarded by actively exploited vulnerabilities in SonicWall devices, this attack marks a new pressure point — an attack on a customer-facing system the company controls.
[...]
Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
-
rbc
- Secretary
- Posts: 441
- Joined: Mon Oct 30, 2023 1:32 am
- Location: Vicksburg, MS
- ISC2 Member Status: Yes
- Contact:
Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
Robert B. Carleton + ISC2 Central Mississippi Secretary