Sophos released an emergency security update on Saturday, to patch a zero-day vulnerability in its XG enterprise firewall, after being reportedly exploited by hackers. The cybersecurity firm received a report from one of its customers saying there is a suspicious field value visible in the management interface.
Also Read: Enterprise Contact Centers are being targeted with COVID-19 Scams
Cybercriminals targeted Sophos XG Firewall devices that had the User Portal control panel exposed to the WAN zone. The firm said hackers used the SQL injection vulnerability to download a payload on the device, which then stole files from the XG Firewall.
Source:https://www.zdnet.com/article/hackers-are-exploiting-a-sophos-firewall-zero-day/
Also, Read: Hackers Trade Data of 267 Million Facebook Users for over $500
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.