01-05-202103-05-2021

Security daily (02-05-2021)

Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks

An "aggressive" financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS. The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an "improper SQL command neutralization" flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS score 9.8) that (The Hacker News)

01-05-202103-05-2021

/security-daily/ 03-05-2021 23:44:23