UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP.
The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a group it tracks as UNC6148.
The tech giant assessed with

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access

Next Post

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

Related Posts
Total
0
Share