Hackers exploit SonicWall email security vulnerability


Join Transform 2021 this July 12-16. Register for the AI event of the year.


(Reuters) Hackers have targeted customers of California-based network services firm SonicWall via a previously undisclosed vulnerability in its email security product, the company and cybersecurity firm FireEye said Tuesday.

In a statement, SonicWall said that the vulnerability had been exploited in the wild, meaning hackers had already used the flaw to break into target systems. SonicWall urged customers to immediately upgrade to a version that patched the hole.

The intrusions are the latest in a string of hacks using third-party provided software and hardware in the United States. The most notable the compromise of SolarWinds by alleged Russian hackers last year has raised concerns about the ability of end users to vet the security of their devices and their programs.

Last month, it was disclosed that an unknown number of Microsoft customers had been compromised after an allegedly Chinese hacking group made use of serious vulnerabilities in the companys email server software.

Just last week, a breach with potentially serious knock-on consequences was reported at San Francisco-based software auditing firm Codecov. Earlier on Tuesday, hackers were outed for exploiting a serious vulnerability in VPN devices made by Utah-based IT firm Ivanti.

In SonicWalls case, hackers could have used the weakness to easily gain a pretty significant foothold in their targets networks, said Charles Carmakal, a senior vice president of Mandiant, an arm of FireEye. He said his firm didnt have a clear idea of who the hackers were and said that he was aware of fewer than five victims.

SonicWall did not immediately respond to a Reuters call for comment.

VentureBeat

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact.

Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:

  • up-to-date information on the subjects of interest to you
  • our newsletters
  • gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
  • networking features, and more

Become a member



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *