accroding to BleepingComputer: “zero-day vulnerability in their VPN products”

(so not FallOut of SolarWinds-orion-auto-update-software-supply-chain)

“…have information about hacking of a well-known firewall vendor and other security products by this they are silent and do not release press releases for their clients who are under attack due to several 0 days in particular very large companies are vulnerable technology companies,” BleepingComputer was told via email.

‘This person never responded to further emails.’

‘VPN vulnerabilities have been a popular method for threat actors to gain access to and compromise a company’s internal network.’

‘Once threat actors gain access, they spread laterally through the network while stealing files or deploying ransomware.’

src: https://www.bleepingcomputer.com/news/security/sonicwall-firewall-maker-hacked-using-zero-day-in-its-vpn-device/

  • of course SonicWall tries to not alarm too many users
  • successful attacks like these will damage customer’s trust in the safety of this company’s products
  • it will definitely result in massive amounts of costs for SonicWall customers,that hopefully have a reasonable recent backup (weekly?) of all data disconnected and off-site in a fire and emp proof safe
  • this could even lead to customers suing SonicWall which will result in cost that very well could sink “the ship” aka the whole company, which would be fatal for the 1600 employees. (April 2020)[1]

good luck all involved

Revenue US$265 million (2011)[1]
Owner Francisco Partners and Elliott Management
Number of employees
1600 (April 2020)[1]
Website www.sonicwall.com Edit this at Wikidata
admin