Threat Alert - SonicWall Firewalls with SSLVPN A zero-day vulnerability has confirmation of in-the-field exploitation. Please read the advisory and stay up to date on the vendor's postings, https://bit.ly/3IZts8A . A likely zero-day vulnerability in SonicWall VPNs is being actively exploited to bypass MFA and deploy ransomware," Huntress warned. "Huntress advises disabling the VPN service immediately or severely restricting access via IP allow-listing. We're seeing threat actors pivot directly to domain controllers within hours of the initial breach." If you are a healthcare company, please contact Clearwater if you need assistance in assessing or mitigating this risk.
