Get a Pentest and security assessment of your IT network.

Cyber Security

Hackers Mount Zero-Day Attacks on Sophos Firewalls

A pre-authentication SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. Attack consists of a chain of Linux shell scripts hosted on an innocuous-sounding yet malicious domain, Sophos said. Sophos issued a hotfix this week for the issue, which affects both physical and virtual versions of the Sophos XG Firewall (both physical and. virtual versions) Attackers have been targeting the. security firm using a zero-day exploit, according to the security firm.

Source: https://threatpost.com/hackers-zero-day-attacks-sophos-firewalls/155169/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation