This article has been indexed from SANS Internet Storm Center, InfoCON: green
Devices and applications used to provide remote access are juicy targets. I've already been involved in many ransomware cases and most of the time, the open door was an unpatched VPN device/remote access solution or weak credentials. A good example, the recent attack against the Colonial Pipeline that started with a legacy VPN profile[1].
Read the original article: Sonicwall SRA 4600 Targeted By an Old Vulnerability, (Fri, Jun 11th)