An « aggressive » financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS.
The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an « improper SQL command neutralization » flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS score 9.8) that
Source de l’article sur The Hacker News
