Malware Delivered to Sophos Firewalls via Zero-Day Vulnerability
Cybersecurity company Sophos informed customers over the weekend that it has patched a zero-day vulnerability that has been exploited to deliver malware to its XG Firewall appliances.
An investigation revealed that attackers have been exploiting a previously unknown SQL injection vulnerability to hack exposed physical and virtual firewalls.
Sophos began taking measures shortly after the attack started, and on April 25 it rolled out an SFOS hotfix that patches the SQL injection vulnerability.
In a blog post published late on Sunday, Sophos revealed that the attacker exploited the SQL injection vulnerability to insert a one-line command into the firewall database.
Sophos has dubbed the malware involved in the attack Asnarok and attributed the operation to an "Unknown adversary."