Firmware updates?

Hello, I am a home user and I have been under a pretty substantial attack from China and I noticed some strange events during the attack. I have pulled every log you can imagine and even ssh'd in to get the complete logs and created diagnostics CTR if anyone from Sophos is interested. This may be normal though I think this is in regards to the cyber attack. I can provide more information as needed if these messages are not normal.

Log viewer: System log, filter "firmware" (live view disabled at 20:51:02)

|  | Time | Log comp | Status | Username | Message | Message ID |
|---|---|---|---|---|---|---|
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:35:35 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 11:25:14 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 10:39:39 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:20:15 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 09:01:52 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-09 06:45:02 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-03-03 01:00:13 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for red60: 1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for red20: 1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for RED15w: 1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for APX120: 11.0.020-1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for APX740: 11.0.020-1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for APX530: 11.0.020-1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for APX320: 11.0.020-1 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP55C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP15C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP15: 9500-wifi-94a8ad4-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP100X: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP100C: 9500-wifi-94a8ad46-0df51d6 | 17998 |
| SYSTEM | 2023-02-28 17:44:49 | Wireless Protection | | | new firmware detected for AP100: 9500-wifi-94a8ad46-0df51d6 | 17998 |


This thread was automatically locked due to age.
  • So what part of firmware updates do you believe is a cyberattack?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Thanks for the quick reply. Well, I suppose it could be a coincidence. I just wanted to double-check since the timing is peculiar and the volume of attacks. I really do not know where I would see anything referencing these events. Under pattern updates I have this. I was just double-checking to see if anyone else knew more about this. I do not have a Sophos wireless adapter either.

    Last checked for updates: 20:37:59, Mar 12 2023

    | Pattern | Current version | Available version | Last successful update | Status |
    |---|---|---|---|---|
    | AP Firmware | 11.0.020 | - | 14:24:10, Sep 12 2022 | Success |
    | ATP | 1.0.0459 | - | 01:52:40, Mar 06 2023 | Success |
    | Avira AV | 1.0.421162 | - | 18:39:53, Mar 12 2023 | Success |
    | Authentication Clients | 1.0.0020 | - | 05:23:33, Mar 31 2022 | Success |
    | Geoip ip2country DB | 2.0.020 | - | 05:47:09, Mar 01 2023 | Success |
    | IPS and Application signatures | 18.20.22 | - | 03:56:19, Mar 09 2023 | Success |
    | Sophos Connect Clients | 2.2.090 | - | 02:10:32, Jan 23 2023 | Success |
    | RED Firmware | 3.0.008 | - | 11:40:01, Aug 21 2022 | Success |
    | Sophos AntiSpam Interface | 1.0.260 | - | 19:38:28, Mar 10 2023 | Success |
    | Sophos AV | 1.0.18571 | - | 14:40:32, Mar 12 2023 | Success |
    | SSLVPN Clients | 1.0.009 | - | 20:10:29, May 17 2021 | Success |
  • I was reading this article as well and I thought it would be wise to double-check.

    https://news.sophos.com/en-us/2020/04/26/asnarok/

  • Those updates are usually shown after a restart or a firmware upgrade, e.g. v19.5.0 to v19.5.1.

    ian

    XG115W - v20 GA - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.
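
A triage sketch for the question in this thread, added here as an example and not part of the original posts or of any Sophos tooling: it groups the "new firmware detected" rows by timestamp and reports any model whose advertised version differs from the previous burst. The `time | message` input format, the function names and the sample rows are assumptions constructed from the log in the first post.

```python
import re
from collections import defaultdict

# Constructed sample modelled on the log rows in this thread: "time | message".
SAMPLE = """\
2023-03-09 11:35:35 | new firmware detected for red60: 1
2023-03-09 11:35:35 | new firmware detected for APX120: 11.0.020-1
2023-03-09 11:35:35 | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6
2023-03-09 09:01:52 | new firmware detected for red60: 1
2023-03-09 09:01:52 | new firmware detected for APX120: 11.0.020-1
2023-03-09 09:01:52 | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6
2023-02-28 17:44:49 | new firmware detected for red60: 1
2023-02-28 17:44:49 | new firmware detected for APX120: 11.0.020-1
2023-02-28 17:44:49 | new firmware detected for AP55: 9500-wifi-94a8ad46-0df51d6
"""

ROW = re.compile(r"^(?P<ts>\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) \| "
                 r"new firmware detected for (?P<model>\S+): (?P<ver>\S+)$")

def bursts(text):
    """Group rows by timestamp into {timestamp: {model: version}}."""
    out = defaultdict(dict)
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            out[m["ts"]][m["model"]] = m["ver"]
    return dict(out)

def changes_between_bursts(text):
    """Return (timestamp, model, old, new) for every version that differs
    from the previous burst, including models that appear or disappear."""
    grouped = bursts(text)
    diffs, prev = [], None
    for ts in sorted(grouped):  # ISO-style timestamps sort chronologically
        cur = grouped[ts]
        if prev is not None:
            for model in sorted(set(prev) | set(cur)):
                if prev.get(model) != cur.get(model):
                    diffs.append((ts, model, prev.get(model), cur.get(model)))
        prev = cur
    return diffs

if __name__ == "__main__":
    for ts, catalogue in sorted(bursts(SAMPLE).items()):
        print(ts, len(catalogue), "models")
    print("changes:", changes_between_bursts(SAMPLE) or "none")
```

An empty result means every burst advertised the same model and version list, which is what repeated re-logging of an unchanged firmware catalogue looks like; any tuple returned is a row worth comparing against the pattern-update history.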

  • Thanks rfcat_vk. I did not do an update on that day; I probably did a re-boot. Sounds great to hear that that is normal. That was the only question I had. After reading that story about the firmware updates and those little unexplained firmware notices in the system and this is the first time I had a major attack like this. Just about every IP address hitting my network had at least 5 security vendors at VirusTotal warning about them and I have been hit with 1000s of bad IPs an hour. It's still not over but I have more confidence than ever in Sophos Firewall.

  • Try looking up creating a dead-end NAT to block the attacks.

    ian
