Cyber Blog

SonicWall has announced that recent attacks targeting its firewalls, which protect networks and allow remote work through VPNs, are due to an old security flaw that has already been fixed. These attacks are not caused by a new, unknown vulnerability.

The company explained that the attacks are related to a security issue called CVE-2024-40766, which was first identified in August 2024. This flaw allowed attackers to potentially access protected systems without permission.

The company also pointed out that many of these attacks happened because people didn’t reset their passwords when upgrading their firewalls from older models. This step is very important to ensure that systems are protected.

To help prevent further attacks, SonicWall recommends the following:

1. Update your firewall software to the latest version (SonicOS 7.3.0).
2. Change all user passwords, especially those that were transferred from older devices.
3. Enable security features like Botnet Protection and Geo-IP Filtering.
4. Require multi-factor authentication (MFA) and strong passwords for users.
5. Remove any old, unused accounts.

This issue has gained attention recently as several security experts have reported a rise in attacks using this vulnerability, particularly those linked to a ransomware called Akira.