Security vendor WatchGuard quietly fixed a critical vulnerability in a line of its firewall devices and didn’t explicitly disclose the flaw until Wednesday, following revelations that hackers from Russia’s military apparatus had exploited it en masse to assemble a massive botnet.
Law enforcement agencies in the US and UK on February 23 warned that members of Sandworm—among the Russian government’s most aggressive and elite hacker groups—were infecting WatchGuard firewalls with malware that made the firewalls part of a vast botnet. On the same day, WatchGuard released a software tool and instructions for identifying and locking down infected devices. Among the
→ Continue reading at Ars Technica