SonicWall zero-day exploited in the wild



Cyber-security firm the NCC Group said on Sunday that it detected active exploitation attempts against a zero-day vulnerability in SonicWall networking devices.

Details about the nature of the vulnerability have not been made public to prevent other threat actors from studying it and launching their own attacks.

NCC researchers said they notified SonicWall of the bug and the attacks over the weekend.

The researchers believe they identified the same zero-day vulnerability that a mysterious threat actor used to gain access to SonicWall’s own internal network in a security breach the company disclosed on January 23.

Read more…