A ransomware group caught targeting a recently patched SonicWall vulnerability leveraged that vulnerability before the patch became available, Mandiant reported.
The vulnerability, a SQL injection bug in SonicWall’s SMA-100 series of remote access products, was already used in a headline-grabbing attack. Hackers used the vulnerability as a zero-day to breach SonicWall itself prior to the patch announcement in January. The latest findings show that another group also sought to take advantage.
NL 
EN