The post offered for sale data purportedly stolen from SonicWall. Resecurity's Hunter Unit specializes in gaining intelligence from cybercrime actors via human intelligence and observing dark web forums. Just a day after SonicWall's announcement, a post went up from someone going by the nickname "SailorMorgan32," says Gene Yoo, CEO of Los Angeles-based Resecurity. The first clue comes from a posting made on a well-known Russian-language cybercriminal forum. Instead, SonicWall sent this statement on Tuesday: SonicWall's statement. But the company was made aware of the content of this column before publication. SonicWall declined to answer questions from ISMG about this specific situation. But there are strong indications that SonicWall may have been targeted by an extortion attempt, and it is declining to answer if it paid a ransom.
Since that time, SonicWall has issued a patch for a zero-day vulnerability and updates for its SMA 100 remote access product, including new firmware on Friday.Ĭuriously, SonicWall hasn't said much about the extent and damage of the breach since its announcement. 22, SonicWall said intruders had likely used zero-day vulnerabilities in its own remote access product, Secure Mobile Access, to access its own internal systems (see: SonicWall Investigating Zero-Day Attacks Against Its Products). But there are strong indications that SonicWall may have been targeted by an extortion attempt.īut when a breach and subsequent extortion attempt actually happen, the reality is often a lot messier.
Curiously, SonicWall hasn't said much about the extent and damage of its own breach since its announcement. It also promotes a cybercrime business model: When one pays, it's likely that other victims may pay with the right pressure. (Photo: Arctecinc)Ĭybersecurity companies advise their clients not to pay ransoms for good reasons: Pay once and the attackers may come back with their hand out again. Eventually hotfixes releases are integrated into the Maintenance/General release.Inside SonicWall's headquarters in Milpitas, California. Hotfix releases contain the latest fixes and patches, and are provided to customers who are looking to address specific issues.This type of release moves into a General Release after the maturity criteria is met.
Initial release software is the first release of a new product.
Refer to the release notes for full details. It has not yet reached a level of maturity required for a General Release and should be evaluated in a lab network environment first before deployment to a production environment.