Chinese hackers attack sophos
jdb10987 at yahoo.com
Fri Jun 17 23:08:03 PDT 2022
" sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack.
"The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks against the customer's staff," Volexity said in a report. "These attacks aimed to further breach cloud-hosted web servers hosting the organization's public-facing websites."
The zero-day flaw in question is tracked as CVE-2022-1040 (CVSS score: 9.8), and concerns an authentication bypass vulnerability that can be weaponized to execute arbitrary code remotely. It affects Sophos Firewall versions 18.5 MR3 (18.5.3) and earlier."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 3111 bytes
Desc: not available
More information about the cypherpunks