Sophos Releases Update to Patch Zero-day Vulnerability

19
Sophos, XG Firewall, SQL, zero-day vulnerability, User Portal, WAN zone, hackers, cyber criminals
Sophos Releases Update to Patch Zero-day Vulnerability

Sophos released an emergency security update on Saturday, to patch a zero-day vulnerability in its XG enterprise firewall, after being reportedly exploited by hackers. The cybersecurity firm received a report from one of its customers saying there is a suspicious field value visible in the management interface.

Enterprise Contact Centers are being targeted with COVID-19 Scams

Cybercriminals targeted Sophos XG Firewall devices that had the User Portal control panel exposed to the WAN zone. The firm said hackers used the SQL injection vulnerability to download a payload on the device, which then stole files from the XG Firewall.

Source:https://www.zdnet.com/article/hackers-are-exploiting-a-sophos-firewall-zero-day/

Hackers Trade Data of 267 Million Facebook Users for over $500