A managed security provider detected widespread credential attacks on SonicWall SSLVPN devices, with over 100 accounts compromised across multiple customer environments. The attacks involved rapid authenticating attempts using valid credentials, and are possibly unrelated to the recent SonicWall backup breach. #SonicWall #SSLVPN #CredentialTheft
Keypoints
-
<li The attacks targeted SonicWall SSLVPN devices and began around October 4.
<li Over 100 accounts across 16 customer environments were affected by October 10.
<li Threat actors used valid credentials rather than brute-force methods to access devices.
<li Recommendations include resetting secrets, limiting remote access, and enforcing MFA.
<li SonicWall has not confirmed a link between these attacks and the recent backup breach.
Read More: https://thecyberexpress.com/credential-attacks-on-sonicwall-sslvpn-devices/