ZDNet

Hackers tried (and failed) to install ransomware using a zero-day in Sophos firewalls

UK cyber-security vendor Sophos published today an update on its investigation into a recent series of attacks that tried to exploit a zero-day vulnerability in its XG firewall product. Sophos said ...
Threat Post

Hackers Mount Zero-Day Attacks on Sophos Firewalls

A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. Attackers have been targeting the Sophos XG ...
Bleeping Computer

Hackers exploit zero-day in Sophos XG Firewall, fix released

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. Sophos states that they received a report on April ...
CRN

Sophos Takes On Encrypted Network Traffic With New XG Firewall 18

Sophos has debuted a new version of its XG Firewall that provides visibility into previously unobservable transport mechanisms while retaining high levels of performance. The Oxford, U.K.-based ...
CRN

Sophos XG Firewall Exploited By Zero-Day Bug, Patch Released

The attack was apparently intended to steal sensitive information from the firewall, though Sophos said it has not discovered any evidence that data had been successfully exfiltrated. A previously ...
ZDNet

Hackers are exploiting a Sophos firewall zero-day

Cyber-security firm Sophos has published an emergency security update on Saturday to patch a zero-day vulnerability in its XG enterprise firewall product that was being abused in the wild by hackers.