ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Cracks in the wall."
Episode Synopsis
This week, we are joined by Jamie Levy, Director of Adversary Tactics at Huntress, who is discussing their work on "Active Exploitation of SonicWall VPNs." Huntress has released an urgent threat advisory on active exploitation of SonicWall VPNs, with attackers bypassing MFA, pivoting to domain controllers, and ultimately deploying Akira ransomware. The campaigns involve techniques such as disabling defenses, clearing logs, credential theft, and Bring Your Own Vulnerable Driver (BYOVD) attacks with legitimate Windows drivers.
Organizations using SonicWall devices are strongly advised to disable SSL VPN access or restrict it via IP allow-listing, rotate credentials, and hunt for indicators of compromise as this remains an ongoing and evolving threat.
Complete our annual audience survey before August 31.
The research can be found here:
Huntress Threat Advisory: Active Exploitation of SonicWall VPNs
Learn more about your ad choices. Visit megaphone.fm/adchoices
Organizations using SonicWall devices are strongly advised to disable SSL VPN access or restrict it via IP allow-listing, rotate credentials, and hunt for indicators of compromise as this remains an ongoing and evolving threat.
Complete our annual audience survey before August 31.
The research can be found here:
Huntress Threat Advisory: Active Exploitation of SonicWall VPNs
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast Research Saturday
Excel-lerating cyberattacks.
27/12/2025
The lies that let AI run amok.
20/12/2025
Root access to the great firewall.
13/12/2025
When macOS gets frostbite.
06/12/2025
A new stealer hiding behind AI hype.
29/11/2025
Two RMMs walk into a phish…
22/11/2025
When clicks turn criminal.
15/11/2025
A fine pearl gone rusty.
08/11/2025
Attack of the automated ops.
01/11/2025
A look behind the lens.
25/10/2025
In God we trust