
SonicWall Investigates Suspected Zero-Day as Hackers Bypass MFA on Firewalls

SonicWall is investigating a suspected zero-day vulnerability after hackers bypassed MFA on firewalls, deploying ransomware and a new backdoor. Immediate mitigation steps are recommended.
Content Team

SonicWall is investigating a potential zero-day vulnerability after a surge in ransomware attacks targeting its firewalls since mid-July. Google's threat intelligence team first spotted the campaign, in which hackers deployed a new backdoor called Overstep on fully patched devices. The attacks affect Gen 7 SonicWall firewalls with SSLVPN enabled, particularly TZ and NSa-series models running firmware 7.2.0-7015 or earlier.

What's alarming: attackers bypassed multi-factor authentication and reached domain controllers within hours. SonicWall recommends immediately disabling SSLVPN services, limiting connectivity to trusted IPs, and updating all passwords while the investigation continues.

Source: Security Week
