{“lastseen”:”2025-10-09T13:50:02″,”description”:”\\n\\nSonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service.\\n\\n\\”The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could increase the risk of targeted attacks,\\” the company said.\\n\\nIt also noted that it’s working to notify all partners and customers, adding it has released tools to assist with device assessment and remediation. The company is also urging users to log in and check for their devices.\\n\\nThe development comes a couple of weeks after SonicWall urged customers to perform a credential reset after their firewall configuration backup files were exposed in a security breach impacting MySonicWall accounts.\\n\\nThe list of impacted devices available on the MySonicWall portal has been assigned a priority level to help customers prioritize remediation efforts. The labels are as follows -\\n\\n * Active \u2013 High Priority: Devices with internet-facing services enabled\\n * Active \u2013 Lower Priority: Devices without internet-facing services\\n * Inactive: Devices that have not pinged home for 90 days\\n\\n\\n\\n\\n\\nIt previously stated that the threat actors accessed backup firewall preference files stored in the cloud for less than 5% of its customers, while emphasizing that the credentials within those files were encrypted but that they also included \\”information that could make it easier for attackers to potentially exploit the related firewall.\\”\\n\\nUsers are advised to follow the steps below with immediate effect -\\n\\n * Log in to MySonicWall.com account and verify if cloud backups exist for registered firewalls\\n * If fields are blank, there is no impact\\n * If fields contain backup details, verify whether impacted serial numbers are listed in the account\\n * If Serial Numbers are shown, users should follow the containment and remediation guidelines for the listed firewalls\\n\\n\\n\\nSonicWall said in cases where customers have used the Cloud Backup feature but no Serial Numbers are shown or only some of the registered Serial Numbers are displayed, it will provide additional guidance in coming days.\\n\\nFound this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.\\n”,”published”:”2025-10-09T13:48:00″,”modified”:”2025-10-09T13:48:30″,”type”:”thn”,”title”:”Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks”,”source”:””,”references”:””,”id”:”THN:D07EDF430C7778BF3D991EEA8C07615D”,”bulletinFamily”:”info”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/thehackernews.com\/2025\/10\/hackers-access-sonicwall-cloud-firewall.html”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:”2025-10-09T13:50:02″,”description”:”\\n\\nSonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service.\\n\\n\\”The files contain…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,13,33,7,11,43,5],"class_list":["post-20807","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-news","tag-none","tag-security","tag-tapic","tag-thn","tag-vulnerability"],"yoast_head":"\n