Emotet now drops Cobalt Strike, fast forwards ransomware attacks
SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugs
Grafana fixes zero-day vulnerability after exploits spread over Twitter
Microsoft starts rolling out redesigned Notepad for Windows 11
Amazon is shutting down web ranking site Alexa.com
New Windows 11 Voice Access lets you control the OS with your voice
Windows 11 can now install WSL from the Microsoft Store
Microsoft: Secured-core servers help prevent ransomware attacks
Qualys BrowserCheck
STOPDecrypter
AuroraDecrypter
FilesLockerDecrypter
AdwCleaner
ComboFix
RKill
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Toksearches.xyz Search Redirect
Remove the Smashapps.net Search Redirect
Remove the Smashappsearch.com Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
eLearning
IT Certification Courses
Gear + Gadgets
Security
SonicWall ‘strongly urges’ customers to patch critical SMA 100 bugs
SonicWall ‘strongly urges’ organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical.
The bugs (reported by Rapid7’s Jake Baines and NCC Group’s Richard Warren) impact SMA 200, 210, 400, 410, and 500v appliances even when the web application firewall (WAF) is enabled.
The highest severity flaws patched by SonicWall this week are CVE-2021-20038 and CVE-2021-20045, two critical Stack-based buffer overflow vulnerabilities that can let remote unauthenticated attackers execute as the ‘nobody’ user in compromised appliances.
Other bugs patched by the company on Tuesday enable authenticated threat actors to gain remote code execution, inject arbitrary commands, or upload crafted web pages and files to any directory in the appliance following successful exploitation.
However, the most dangerous one if left unpatched is CVE-2021-20039. This high severity security issue can let authenticated attackers inject arbitrary commands as the root user leading to a remote takeover of unpatched devices.
Luckily, SonicWall says that it hasn’t yet found any evidence of any of these security vulnerabilities being exploited in the wild.
“SonicWall urges impacted customers to implement applicable patches as soon as possible,” the company says in a security advisory published Tuesday.
Customers using SMA 100 series appliances are advised to immediately log in to their MySonicWall.com accounts to upgrade the firmware to versions outlined in this SonicWall PSIRT Advisory.
Upgrade assistance on how to upgrade the firmware on SMA 100 appliances is available in this knowledgebase article or by contacting SonicWall’s support.
To put the importance of patching these security flaws into perspective, SonicWall SMA 100 appliances have been targeted by ransomware gangs multiple times since the start of 2021.
For instance, Mandiant said in April that the CVE-2021-20016 SMA 100 zero-day was exploited to deploy a new ransomware strain known as FiveHands starting with January when it was also used to target SonicWall’s internal systems. Before patches were released in late February 2021, the same bug was abused indiscriminately in the wild.
In July, SonicWall also warned of the increased risk of ransomware attacks targeting unpatched end-of-life SMA 100 series and Secure Remote Access products. However, CrowdStrike, Coveware security researchers, and CISA warned that SonicWall appliances were already targeted by HelloKitty ransomware.
SonicWall’s products are used by over 500,000 business customers from 215 countries and territories worldwide, many deployed on the networks of the world’s largest companies and government agencies.
QNAP warns users of bitcoin miner targeting their NAS devices
FBI: Cuba ransomware breached 49 US critical infrastructure orgs
FBI: Online shoppers risk losing over $53M to holiday scams
Mediatek eavesdropping bug impacts 30% of all Android smartphones
Malware now trying to exploit new Windows Installer zero-day
Not a member yet? Register Now
Google disrupts massive Glupteba botnet, sues Russian operators
Grafana fixes zero-day vulnerability after exploits spread over Twitter
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.

source