UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit – Source:thehackernews.com

July 16, 2025
Post Author / Publisher: The Hacker News

CISO2CISO post categories: backdoors, Cyber Security News, rss-feed-post-generator-echo, The Hacker News

Rate this post

Source: thehackernews.com – Author: .

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP.
The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a hacking crew it tracks as UNC6148. The number of known

Original Post url: https://thehackernews.com/2025/07/unc6148-backdoors-fully-patched.html

Category & Tags: –

Views: 3

CISO2CISO post categories: backdoors, Cyber Security News, rss-feed-post-generator-echo, The Hacker News

CISO2CISO Notepad Series

How Can We Structure Cybersecurity Teams To Better Integrate Security In Agile At Scale?

How Can We Structure Cybersecurity...

Linux Basics for Hackers by Occupytheweb

Linux Basics for Hackers by...

Digital Forensics and Incident Response (DFIR) Framework for Operational Technology (OT) by NIST – Eran Salfati and Michael Pease

Digital Forensics and Incident Response...

Top 10 TED Talks to Learn about Cyber Security

Top 10 TED Talks to...

NCSC Cyber Security for Small Business “SMEs” Guide.

NCSC Cyber Security for Small...

Practical DevSecOps

API Security Fundamentals – Your Handy Guide to Building an Unhackable System by practical-devsecops.com

API Security Fundamentals – Your...

Marcos Jaimovich

Nuevo Firewall para IA , un Cacharro nuevo para nuestro SOC y los equipos de Ciberseguridad !

Nuevo Firewall para IA ,...

The 2024 CISO Burnout Report by Vendict

The 2024 CISO Burnout Report...

Mohammad Alkhudari

Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024

Cybersecurity Strong Strategy step by...

Marcos Jaimovich

The Silent Spectre Haunting Your Network: QPhishing, the CISO’s Unspoken Nightmare.

The Silent Spectre Haunting Your...

Marcos Jaimovich

Goodbye to Traditional: Why Conventional Cybersecurity Tools are No Longer Sufficient for the Future of Digital Threats ?

Goodbye to Traditional: Why Conventional...

Marcos Jaimovich

Why do we compare a SOC (Security Operations Center) with the cockpit of a commercial airplane? by Marcos Jaimovich

Why do we compare a...

Retail Threat Landscape Report Q1-Q3 – November 2024 Summary by Cyberint a Check Point Company

Retail Threat Landscape Report Q1-Q3...

Protecting Critical Supply Chains – A Guide to Securing your Supply Chain Ecosystem

Protecting Critical Supply Chains –...

Time to Adapt – The State of Human Risk Management in 2024 by Culture AI.

Time to Adapt – The...

National Cyber Security Centre

Engaging with Boards to improve the management of cyber security risk.

Engaging with Boards to improve...

Microsoft Security

2024 State of Multicloud Security Report by Microsoft Security

2024 State of Multicloud Security...

Inside the Mind of a CISO 2024 The Evolving Roles of Security Leaders 2024 by bugcrowd

Inside the Mind of a...

Mohammad Alkhudari

Cybersecurity Strong Strategy step by step Guide collected by Mohammad Alkhudari 2024

Cybersecurity Strong Strategy step by...

CISO’s Playbookto Cloud Security by Lacework

CISO’s Playbookto Cloud Security by...

MITRE - Carson Zimmerman

Ten Strategies of a World-Class Cybersecurity Operations Center by MITRE

Ten Strategies of a World-Class...

SILVERFRONT - AIG

Identity Has Become the Prime Target of Threat Actors by Silverfort AIG.

Identity Has Become the Prime...

Enterprise Information Security

Enterprise Information Security

IGNITE Technologies

ENCRYPTED REVERSE

ENCRYPTED REVERSE

WORLD BANK GROUP

Global Cybersecurity Capacity Program

Global Cybersecurity Capacity Program

Getting started withsecurity metrics

Getting started withsecurity metrics

Generative AI and the EUDPR.

Generative AI and the EUDPR.

2024 Guide to Application Security Testing Tools

2024 Guide to Application Security Testing Tools

Hacker Culture

Quuensland Govermment

RISK ASSESSMENT PROCESS HANDBOOK

RISK ASSESSMENT PROCESS HANDBOOK

Ministry of MOS Security

HIPAA SIMPLIFIED

HIPAA SIMPLIFIED

How Are Passwords Cracked?

How Are Passwords Cracked?

CIS - Center for Internet Security

How to Plan a Cybersecurity Roadmap in Four Steps

How to Plan a Cybersecurity Roadmap in Four Steps

Information Security Manual

Information Security Manual

Incident Response Playbook: Dark Web Breaches

Incident Response Playbook: Dark Web Breaches

Endpoint Hardening Checklist

Endpoint Hardening Checklist

Important Active Directory Attribute

Important Active Directory Attribute

ISA GLOBAL CYBERSECURITY ALLIANCE

IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards

IIoT System Implementation and Certification Based on ISA/IEC 62443 Standards

IAM Security CHECKLIST

IAM Security CHECKLIST

Hunt Evil

How to protect personal data and comply with regulations

How to protect personal data and comply with regulations

Threat Intelligence Platforms

Threat Intelligence Platforms

CSA Cloud Security Alliance

Hardware Security Module(HSM) as a Service

Hardware Security Module(HSM) as a Service

IGNITE Technologies

CREDENTIAL DUMPING FAKE SERVICES

CREDENTIAL DUMPING FAKE SERVICES

IGNITE Technologies

A Detailed Guide on Covenant

A Detailed Guide on Covenant

Computer Security Incident Handling Guide

Computer Security Incident Handling Guide

IGNITE Technologies

DIGITAL FORENSIC FTK IMAGER

DIGITAL FORENSIC FTK IMAGER

Cloud Security Assessment

Cloud Security Assessment

CISO Reporting Landscape 2024

CISO Reporting Landscape 2024

Reporting Cyber Risk to Boards

Reporting Cyber Risk to Boards

CIOB Artificial Intelligence (AI) Playbook 2024

CIOB Artificial Intelligence (AI) Playbook 2024

INCIBE & SPAIN GOVERNMENT

Nuevas normativas de 2024 de ciberseguridad para vehículos

Nuevas normativas de 2024 de ciberseguridad para vehículos