According to a recent LinkedIn post from Huntress, the company has observed a sharp increase in compromises of SonicWall SSLVPN devices, citing activity from specific IP addresses associated with WholeSale Internet and Clouvider. The post notes that, within 24 hours, threat actors from these addresses attempted brute-force logins against 58 organizations and successfully authenticated to multiple devices across six organizations.
Meet Samuel – Your Personal Investing Prophet
- Start a conversation with TipRanks’ trusted, data-backed investment intelligence
- Ask Samuel about stocks, your portfolio, or the market and get instant, personalized insights in seconds
The LinkedIn post suggests attackers may be using pre-existing username and password combinations, as some accounts were accessed on the first attempt. Huntress indicates it is continuing to track the spike in SSLVPN compromises across its customer base and encourages partners to deploy SIEM and export SonicWall logs, while also promoting a free trial for additional coverage over a long weekend.
For investors, the activity described in the post underscores rising demand drivers for managed detection and response, SIEM, and related security services focused on remote-access infrastructure. Heightened attack activity against widely deployed SSLVPN devices could strengthen Huntress’s value proposition to existing and prospective customers, potentially supporting revenue growth, though it may also increase the competitive intensity among cybersecurity vendors targeting this segment.