Security News
Attackers have been targeting the Sophos XG Firewall using a zero-day exploit, according to the security firm - with the ultimate goal of dropping the Asnarok malware on vulnerable appliances. Firewalls manually configured to expose a firewall service to the WAN zone that shares the same port as the admin or user portal were also affected," the firm explained.
Aside from plugging the security hole, the hotfix detects if the firewall was hit by attackers and, if it was, stops it from accessing any attacker infrastructure, cleans up remnants from the attack, and notifies administrators about it so that they can perform additional remediation steps. The zero-day affects all versions of XG Firewall firmware on both physical and virtual Sophos firewalls.
Cybersecurity company Sophos informed customers over the weekend that it has patched a zero-day vulnerability that has been exploited to deliver malware to its XG Firewall appliances. An investigation revealed that attackers have been exploiting a previously unknown SQL injection vulnerability to hack exposed physical and virtual firewalls.
Sophos XG Firewall hacked in the wild - hotfix available. Sophos has rushed out a hotfix for its XG Firewall products to close an SQL injection vulnerability - after hackers were spotted exploiting the hole in the wild.
In September last year, Sophos made Sandboxie free, while also announcing that it was transitioning the tool to open source. "Sophos is proud to announce the release of the Sandboxie source code to the community, meaning we are finally an open source tool! We're excited to give the code to the community," the company announced on its forums.
There's been a bump in the road, a stick in the wheel, because Sophos was a member of the UK government's "Cycle to work" scheme - which offers staff loans to pay for bicycles and related stuff like lights, helmets and panniers. The trouble is that the bike scheme is regulated by the Financial Conduct Authority.
Want 50% off Sophos Home? You can get it here!
The SophosLabs 2020 Threat Report highlights a growing battle as smart automation technologies continue to evolve.
The Sophos 2020 Threat Report is out, and among the key findings: Ransomware attackers continue to leverage automated active attacks that can evade security controls and disable backups to do...
Sophos Board Will 'Unanimously Recommend' Deal to ShareholdersPrivate-equity firm Thoma Bravo, which already has stakes in several cybersecurity companies, plans to buy U.K.-based security company...