This is not your Cyber Scareware or Tech Tip Tuesday… This is for all IT providers and Businesses that use Sonicwall Firewalls. Sonicwall has released this advisory that hackers are exploiting their firewalls and gaining access to customer networks through SSL VPN. See the official post from Sonicwall https://www.sonicwall.com/support/notices/gen-7-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430
Questions to see if you are vulnerable:
- Do you have a Sonicwall Firewall in your network? If Not, then thank you for reading but no need to go further.
- Has your IT Dept or MSP brought this up to you?
- Is your Firewall very old and not maintaned?
- Are you unsure what you have and don’t have someone to check?
If you do not have somone to login to your Firewall to turn this off and later apply a firmware when released to close this exploit, reach out to me here on our contact page or click my calendar for us to connect https://giaspace.timezest.com/robert-giannini/teamsmeeting
GiaSpace has made it a mission to retire the VPNs and go with Zero Trust systems. We went with Trugrid to have our clients connect remotely. VPN username and passwords are rarely maintaned. We have found clients with active accounts in their firewalls from people who have not worked for the company for years and the passwords were never changed. For those who love Technical Jargon Huntress has you covered https://www.huntress.com/blog/exploitation-of-sonicwall-vpn
Published: Aug 6, 2025
