Security News > 2020 > April > Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability

Cybersecurity company Sophos informed customers over the weekend that it has patched a zero-day vulnerability that has been exploited to deliver malware to its XG Firewall appliances.
An investigation revealed that attackers have been exploiting a previously unknown SQL injection vulnerability to hack exposed physical and virtual firewalls.
Sophos started taking measures shortly after the attack started and it rolled out a SFOS hotfix that patches the SQL injection vulnerability on April 25.
In a blog post published late on Sunday, Sophos revealed that the attacker exploited the SQL injection vulnerability to insert a one-line command into the firewall database.
Sophos has dubbed the malware involved in the attack Asnarok and attributed the operation to an "Unknown adversary."
News URL
Related news
- Fortinet warns of new zero-day exploited to hijack firewalls (source)
- PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks (source)
- Wallbleed vulnerability unearths secrets of China's Great Firewall 125 bytes at a time (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- EncryptHub Exploits Windows Zero-Day to Deploy Rhadamanthys and StealC Malware (source)
- Mozilla Patches Critical Firefox Bug Similar to Chrome’s Recent Zero-Day Vulnerability (source)