Apple iOS Updated; SonicWall Cybersecurity Products Hacked

This alert contains information about security vulnerabilities addressed by Apple^® in its iOS^® 14.4 update, as well as the recent breach of SonicWall^® cybersecurity products.

Apple iOS Update Fixes Zero Day Vulnerabilities

Apple has released a security update to iOS (iOS 14.4), that includes fixes for three previously unrecorded (“zero-day”) vulnerabilities that have been reported as being actively exploited.

The vulnerabilities involve the use of the “WebKit” bug. Users are lured to a malicious site and inadvertently download the bug. The bug later runs code that impacts the operating system kernel and the browser engine. It escalates its own access privileges, and ultimately compromises the operating system and the security of user data.

The operating system update fixes the discovered vulnerabilities. Apple has not issued specific comments regarding the zero-day exploits.

ACA Guidance for Apple iOS

ACA Aponix recommends taking the following precautionary measures:

• Immediately apply the Apple 14.4 operating system update to all corporate-owned Apple devices.
• Advise staff to update all personal devices using Apple iOS.
• Strongly encourage third-party service providers to apply this update to their devices.
• Reinforce training and user knowledge re. the need for vigilance against phishing and other social engineering schemes.

SonicWall Cybersecurity Products Hacked

A breach has been reported by SonicWall, maker of VPN, firewall, and other cybersecurity products. In this breach, sophisticated attackers have exploited previously unrecorded (“zero-day”) vulnerabilities in the company’s products, enabling criminal access to private information the products were meant to protect.

Currently, the SMA 100 series of products is reported as being affected. Following investigation, the following products that had been thought to be affected have been deemed safe for use: SonicWall Firewalls, NetExtender VPN Client, SMA 1000 Series, and SonicWall SonicWave APs.

While a specific fix for the vulnerability has not yet been provided by SonicWall, they have issued instructions toward mitigating the danger while using the affected products. These instructions include the creation of specific access rules, and the use of multi-factor authentication (MFA). Instructions for different MFA scenarios are provided here, here, and here.

The extent of the breach is still under investigation by the company. SonicWall continues to update its notification page as further information is available.

ACA Guidance for SonicWall

ACA Aponix recommends taking the following actions regarding the discovered breach:

• If your firm is using the affected products, immediately follow the recommendations provided by SonicWall regarding access rules and MFA, as provided in its notification page.
• The recommendations can be of an involved nature that require IT and cybersecurity expertise. If necessary, reach out to ACA Aponix or other trusted third-party providers for assistance.
• Monitor system logs and other security resources for unusual activity.
• Assure that data backup and related resiliency plans are up-to-date and functional.
• Review and update existing incident response plans to prepare reaction in the event of a breach.
• Strongly encourage third-party vendors to follow directions and information related to this breach.
• Follow further SonicWall guidance as it becomes available.

How We Help

ACA Aponix offers the following solutions that can help your firm:

• Microsoft^® Office 365^® security assessment
• Threat intelligence
• Cyber incident response planning
• Cybersecurity and technology risk assessments
• Vendor management and due diligence
• Penetration testing and vulnerability assessments
• Policies, procedures and governance
• Phishing testing and cyber awareness

If you have any questions, please contact your ACA Aponix consultant or email us at info@acaaponix.com.