SonicWall has identified that threat actors are actively exploiting a vulnerability in Secure Mobile Access (SMA) and Secure Remote Access (SRA) devices running End-of-Life and unpatched firmware version 8.x. These devices are being targeted as part of a ransomware campaign with stolen credentials.
Devices running SMA 1000 series or SRA or SMA 100 series with 9.x and 10.x firmware are not affected by this campaign. But it is still advised to follow best practices.
We at K7 Computing are strongly advising our customers who are using SonicWall SMA and SRA products to patch and update all the devices and reset all the user credentials.
SonicWall has recommended the following mitigation steps to protect your network.