
Security Flaw Found in Business Network Equipment: Does Your Employer Need to Act?
Hackers can exploit serious weaknesses in SonicWall equipment used by many companies for remote work access, giving them complete control of business systems.
Source
Dark Reading
Original headline: Inc Ransomware Exploits SonicWall SMA Zero-Days
Plain-English summary by GetCyberRight. Read the full report at the source above.
Security researchers discovered serious security flaws in SonicWall equipment that many companies use to let employees work from home safely. When combined, these two weaknesses allow hackers to take complete control of the equipment. A ransomware group called Inc Ransomware is already using these flaws to attack businesses. This primarily affects companies and organizations, not home internet users. If your employer uses SonicWall SMA appliances for remote access (the technology that lets you log into work systems from home), your company's data could be at risk. This could eventually affect you if hackers steal employee information or disrupt your ability to work. Schools, hospitals, and government offices that use this equipment are also at risk.
Here is what you should do right now:
- If you work remotely, alert your IT department or manager about this security issue with SonicWall SMA equipment. Share this information even if you are not sure what equipment your company uses.
- Be extra careful about work emails and attachments right now. Hackers often follow up technical attacks with phishing emails to employees.
- Make sure you are using strong, unique passwords for your work accounts and have two factor authentication turned on.
- Back up any important work files you keep on your personal computer to a separate location. For ongoing protection at work, never reuse passwords between your personal and work accounts. If your company experiences a security incident, hackers often try to use stolen work credentials to access employees' personal email and banking accounts. Keep work and personal digital lives separate whenever possible.
Curated from trusted cybersecurity sources by GetCyberRight
Source: Dark ReadingStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Abbott Medical Testing Company Investigating Data Breaches: What Patients Should Know
Abbott Laboratories is dealing with two separate security incidents that may have exposed patient information from their diagnostic testing services.
2 min read
Abbott probes two cyber incidents amid extortion claims
Abbott Laboratories is investigating two separate cybersecurity incidents after confirming unauthorized access to internal legacy Exact Sciences systems in its Cancer Diagnostics business, while also
1 min read
Inc Ransomware Exploits SonicWall SMA Zero-Days
When chained together, the two vulnerabilities allow threat actors to gain root-level capabilities on SonicWall's mobile access appliances.
1 min readCollege Learning Platform Canvas Still Working Through Data Breach: What Students and Parents Need to Know
Instructure's Canvas breach investigation is taking longer than expected. Schools are just now getting details about what student data was exposed.
2 min read