Security News

Critical Sophos Firewall RCE Vulnerability Under Active Exploitation
2022-03-29 03:32

Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks.The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 and older.

Sophos fixes critical hijack flaw in firewall offering
2022-03-28 19:56

Sophos has patched a remote code execution vulnerability in its firewall gear that was disclosed via its bug-bounty program. The flaw is present in the User Portal and Webadmin user interfaces of Sophos Firewall.

Critical Sophos Security Bug Allows RCE on Firewalls
2022-03-28 17:33

Cybersecurity stalwart Sophos has plugged a critical vulnerability in its firewall product, which could allow remote code-execution. The flaw, tracked as CVE-2022-1040, is specifically an authentication-bypass vulnerability in the User Portal and Webadmin of the Sophos Firewall.

Critical Sophos Firewall vulnerability allows remote code execution
2022-03-27 12:03

Sophos has fixed a critical vulnerability in its Sophos Firewall product that allows remote code execution. Tracked as CVE-2022-1040, the authentication bypass vulnerability exists in the User Portal and Webadmin areas of Sophos Firewall.

Sophos vs. Kaspersky: Choosing the best antivirus program for your security needs
2022-03-11 19:14

Security suites like Kaspersky and Sophos can make buyers safer from things like viruses, spyware, adware, worms, and trojans. Security for organizations is synchronized between endpoints in real-time for fast reactions to security threats.

Sophos: Log4Shell would have been a catastrophe without the Y2K-esque mobilisation of engineers
2022-01-25 15:32

Anti-malware outfit Sophos has weighed in on Log4Shell, saying that the galvanization of the IT world to avert disaster would be familiar to those who lived through the Y2K era. The Log4Shell vulnerability turned up in the common-as-muck Apache Log4j logging library late last year.

Sophos 2022 Threat Report: Malware, Mobile, Machine learning and more!
2021-11-09 19:31

The report isn't just one researcher's work, or even one department's work, but the combined effort of SophosLabs, Sophos Managed Threat Response, Sophos Rapid Response, and Sophos Artificial Intelligence. Don't take Joe's word for it read the report and see how we live up to those three principles!

Shotgun targeting of malware attacks will be the defining infosec theme of 2022, reckons Sophos
2021-11-09 19:30

Future malware and ransomware infections will consist of "Shotgun attacks with pinpoint targeting", according to Sophos' 2022 threat report. As if that wasn't enough, the British infosec biz reckons established commodity malware attacks will end up delivering ever more ransomware, while extortion tactics used by ransomware gangs will become more diverse and intense - with the aim of browbeating victims into handing over cash.

Sophos acquires Braintrace to provide better security outcomes to their MDR customers
2021-07-23 23:00

Sophos' MTR and Rapid Response services business has expanded rapidly, establishing Sophos as one of the largest and fastest-growing MDR providers in the world, with more than 5,000 active customers. Braintrace's NDR technology will support Sophos' MTR and Rapid Response analysts and Extended Detection and Response customers through integration into the Adaptive Cybersecurity Ecosystem, which underpins all Sophos products and services.

Sophos Acquires Capsule8 to Beef up Linux Protection
2021-07-07 14:42

British anti-malware powerhouse Sophos has acquired Capsule8 to beef up the Linux protection capabilities to its endpoint detection and response product stack. For Sophos, the Capsule8 technology adds runtime visibility, detection and response for Linux production servers and containers covering both on-premises and cloud workloads.