SonicWall released a security advisory to assist their customers with protecting systems impacted by the MySonicWall cloud backup file incident. SonicWall’s investigation found that a malicious actor performed a series of brute force techniques against their MySonicWall.com web portal to gain access to a subset of customers’ preference files stored in their cloud backups. While credentials within the files were encrypted, the files also included information that actors can use to gain access to customers’ SonicWall Firewall devices.
CISA recommends all SonicWall customers follow guidance in the advisory,[1] which includes logging into their customer account to verify whether their device is at risk. Customers with at-risk devices should implement the advisory’s containment and remediation guidance immediately.
[1] Sonicwall.com, MySonicWall Cloud Backup File Incident, accessed September 22, 2025, https://www.sonicwall.com/support/knowledge-base/mysonicwall-cloud-backup-file-incident/250915160910330.
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released eight Industrial Control Systems (ICS) Advisories. These advisories provide timely information about current…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released 10 Industrial Control Systems (ICS) advisories. These advisories provide timely information about current…
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…
CISA released one Industrial Control Systems (ICS) advisory on October 14, 2025. These advisories provide…
This website uses cookies.