All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of January 24, 2022. We’ve also included the comments from a few folks here at Tripwire VERT.

SonicWall Discloses Cause of Next-Gen Firewall Reboot Loops

SonicWall revealed that “certain firewalls running SonicOS 7.0 were not able to correctly process the signature update published on Jan. 20.” This caused devices in the company’s Gen 7 firewall series to run in a reboot loop, as reported by Bleeping Computer. After initially providing a workaround, SonicWall said that it had updated the signatures to address the issue.

Andrew Swoboda | Senior Security Researcher at Tripwire

SonicWall firewalls were put into denial-of-service-type conditions by an issue with a signature update. The firewall would check for an update, and the signature update would cause the system to reboot. Once the reboot process finished, the device would check for another signature update, and the device would reboot again. Firewalls that were affected by this needed to disable automatic updates and apply an update that SonicWall produced.

Attackers Using Malicious QR Codes to Steal Money, Warns FBI

On January 23, Bleeping Computer covered a public service announcement (PSA) that detailed an emerging attack technique. The FBI explained that malicious actors are tampering with legitimate QR codes used by businesses for payment purposes. Subsequently, the modified QR codes redirect users to malicious websites designed to steal these individuals’ personal information and/or financial details.

Andrew Swoboda | Senior Security Researcher at Tripwire

It is always important to not trust links that other people have sent you. This also includes using QR codes as a way to navigate the internet. Malicious QR (Read more...)