Wednesday , February 19 2025
SONIC WALL

BCSI BLOG POST
SonicWALL Vulnerability Traded; threating for Corporate network in Bangladesh

SonicWALL SSL-VPN provides secure remote access to an organization’s internal network and resources through an encrypted SSL connection. This kind of VPN is great for giving employees and partners secure access to internal applications and data from remote locations.

A hacker is selling a $1000 exploit that targets SonicWALL SSL-VPN systems. This exploit supposedly lets attackers get around two-factor authentication (2FA) and access records from the RADIUS base, which can lead to unauthorized access to sensitive information.

150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

Indian government and educational websites, along with reputable financial brands, have experienced SEO poisoning, causing user traffic to be redirected...
Read More
150 Gov.t Portal affected  Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain

CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

The Cyber Threat Intelligence Unit of BGD e-GOV CIRT has found 600 vulnerable PRTG instances in Bangladesh, affected by the...
Read More
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh

Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru

Amazon Web Services (AWS) has been named in an FIR after a builder claimed damages to the tune of Rs...
Read More
Builder claims Rs 150 cr for data loss;  AWS faces FIR In Bengaluru

CISA Warns Active Exploitation of Apple iOS Security Flaw

CISA has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, known as CVE-2025-24200, which...
Read More
CISA Warns Active Exploitation of Apple iOS Security Flaw

Massive IoT Data Breach Exposes 2.7 Billion Records

A major IoT data breach has exposed 2.7 billion records, including Wi-Fi network names, passwords, IP addresses, and device IDs....
Read More
Massive IoT Data Breach Exposes 2.7 Billion Records

SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

A serious authentication bypass vulnerability in SonicWall firewalls, called CVE-2024-53704, is currently being exploited, according to cybersecurity firms. The increase...
Read More
SonicWall Firewall Auth Bypass Vulnerability Exploited in Wild

AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

AMD has released security patches for two high-severity vulnerabilities in its System Management Mode (SMM). If exploited, these could let...
Read More
AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

Lazarus Group Unleashes New Malware Against Developers Worldwide

Lazarus Group has initiated a complex global campaign aimed at software developers and cryptocurrency users. Operation Marstech Mayhem uses the...
Read More
Lazarus Group Unleashes New Malware Against Developers Worldwide

Daily Security Update Dated : 15.02.2025

Every day a lot of cyberattack happen around the world including ransomware, Malware attack, data breaches, website defacement and so...
Read More
Daily Security Update Dated : 15.02.2025

Salt Typhoon to target Bangladeshi Universities, One identified

RedMike (Salt Typhoon) targeted university devices in Bangladesh, likely to access research in telecommunications, engineering, and technology, especially from institutions...
Read More
Salt Typhoon to target Bangladeshi Universities, One identified
Source: BCSI

Exposed Information Includes:

User cookies
Login credentials
Passwords
Domain information
Active Directory Rules details
Previous SonicWALL Exploits

BSCI said, according to Shodan search, there found 199 IP using SonicWall SSL-VPN on various organization in Bangladesh but may have more, they may be the target point of the bad actors if cant take stern action to secure.

Source: BSCI

According to Bangladesh cyber security intelligence (BSCI), The exploit is capable to bypasses 2FA, compromising a key security measure, Accesses RADIUS base records to retrieve sensitive data.

In 2021, hackers breached SonicWall’s SMA 100 series VPN appliances through zero-day vulnerabilities and a critical vulnerability was found in SonicWall’s SMA and SRA products, enabling attackers to gain control over affected systems by executing arbitrary code in 2029.

It’s important to quickly deal with security issues and keep all network security products updated with the latest patches.

Over a million users have been affected by the info stealer. Their data has been sold on the dark web, including sensitive information from corporations, financial institutions, and government organizations.

Hackers can use stolen credentials and an exploit called SonicWALL SSL-VPN to access classified information and cause data breaches. They can also launch ransomware attacks on organizations.

BCSI recommends staying alert and constantly checking their security systems for any strange activity, around the clock.

Check Also

SMM

AMD Patches High-Severity SMM Vulns Affecting EPYC and Ryzen Processors

AMD has released security patches for two high-severity vulnerabilities in its System Management Mode (SMM). …

Leave a Reply

Your email address will not be published. Required fields are marked *