Researchers Expose OVERSTEP Rootkit on End-of-Life SonicWall VPNs

GTIG released indicators of compromise with detection guidance after confirming UNC6148 exploited patched SMA 100 series VPNs to install a stealth boot-process rootkit.