Sophos rolls out zero-day patch for its enterprise firewall product | HT Tech
Home Tech Tech News Sophos rolls out zero-day patch for its enterprise firewall product

Sophos rolls out zero-day patch for its enterprise firewall product

Hackers targeted Sophos XG Firewall devices that had their administration or the User Portal control panel exposed on the internet

By: INDO ASIAN NEWS SERVICE
| Updated on: Apr 27 2020, 16:07 IST
Sophos said that passwords for customers’ other external authentication systems, such as AD or LDAP, were unaffected.
Sophos said that passwords for customers’ other external authentication systems, such as AD or LDAP, were unaffected. (Getty Images/iStockphoto)

Cybersecurity firm Sophos has released an emergency security update to patch a zero-day vulnerability in its XG enterprise firewall product that hackers exploited in the wild.

According to a ZDNet report, after receiving a report from one of its customers, Sophos learned of the zero-day on April 22. The customer reported after finding a suspicious field value visible in the management interface.

You may be interested in

MobilesTablets Laptops
Apple iPhone 15 Pro Max
  • Black Titanium
  • 8 GB RAM
  • 256 GB Storage
₹156,900
Check details
28% OFF
Samsung Galaxy S23 Ultra 5G
  • Green
  • 12 GB RAM
  • 256 GB Storage
₹107,999₹149,999
Buy now
Google Pixel 8 Pro
  • Obsidian
  • 12 GB RAM
  • 128 GB Storage
₹106,998
Check details
Apple iPhone 15 Plus
  • Black
  • 6 GB RAM
  • 128 GB Storage
₹87,900
Check details

After investigating the report, the company determined this was an active attack and not an error in its product.

Also read
Looking for a smartphone? To check mobile finder click here.

"The attack used a previously unknown SQL injection vulnerability to gain access to exposed XG devices. They used the SQL injection vulnerability to download a payload on the device. This payload then stole files from the XG Firewall," the company said in a security advisory.

Hackers targeted Sophos XG Firewall devices that had their administration or the User Portal control panel exposed on the internet. Sophos said that passwords for customers' other external authentication systems, such as AD or LDAP, were unaffected.

The company said that it has not found any evidence that hackers used the stolen passwords to access XG Firewall devices. However, the company has already pushed an automatic update to patch all XG Firewalls that have the auto-update feature enabled.

"This hotfix eliminated the SQL injection vulnerability which prevented further exploitation, stopped the XG Firewall from accessing any attacker infrastructure, and cleaned up any remnants from the attack," it said.

Catch all the Latest Tech News, Mobile News, Laptop News, Gaming news, Wearables News , How To News, also keep up with us on Whatsapp channel,Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.

First Published Date: 27 Apr, 16:07 IST
Tags:
Trending: oneplus 12r: oneplus’ most powerful ‘r’ model with aqua touch sony playstation 5 slim launching today, blinkit to deliver in just 10 minutes- india prices and all details iphone users get a new whatsapp update- here’s what’s new and all features explained how to change whatsapp font style and font size in chat window nasa virtual black hole simulator: experience the gravitational dynamics how to restore whatsapp chat history on android: check tips and tricks this horrifying whatsapp scam can hijack your account with just a phone call beware! your whatsapp account can be hacked easily; here’s how this cybcercrime works apple ipad 2024 event: 6 big announcements and one more thing you may have missed big relief! iphone 14 can save your life! satellite connectivity activated
NEXT ARTICLE BEGINS

Tips & Tricks

iPhone travel hacks
iPhone tips: 6 useful features in iOS 17 to try during your next foreign vacation
Samsung_Galaxy_M55_5G_10_things_to_know_about_this
Samsung Galaxy M55 5G: 10 things to know about this mid-range smartphone
ash-lab-wuK7M2xH3WU-unsplash
iPhone 15 hidden features: How to take a passport photo on iPhone- 5 steps
Slide_1
5 films to watch on YouTube that are shot entirely on iPhone 15 Pro Max
GTA5_EIGHT
GTA Online: From competing in races to having a party, 7 things to do if you are bored

Editor’s Pick

OnePlus Nord CE 4 Review
OnePlus Nord CE 4 Review: No nonsense smartphone under 25,000
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Lok Sabha election 2024: How to find the location of your polling booth online with mobile number
Atomberg fan: What is BLDC tech? Top 5 Atomberg ceiling fans with best price
Best Atomberg ceiling fans (2024) for your modern home: BLDC tech, high speed, saves power bills
iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
LG Artcool AC launched
LG Artcool AC launched: Here are the latest LG air conditioner models in 2024 and all top features explained

Trending Stories

iPhone 16 vs iPhone 15
iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
iPhones
iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
Samsung Galaxy Unpacked event date tipped
Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
Apple's May event
iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
keep up with tech

Gaming

GTA 5, Red Dead Redemption 2 and 6 more best-selling titles released by Rockstar Games
GTA 5, Red Dead Redemption 2 and 6 more best-selling titles released by Rockstar Games
Garena Free Fire MAX
Garena Free Fire MAX Redeem Codes for May 12: Grab freebies like skins, weapons and more today
Garena Free FireGarena Free Fire Redeem codes for May 12
Garena Free Fire Redeem Codes for May 12: Top 3 guns to eliminate enemies quickly
Garena Free Fire MAX redeem codes for May 11
Garena Free Fire MAX redeem codes for May 11: Get exclusive rewards and know how to redeem codes
Garena Free Fire Redeem Codes for May 11
Garena Free Fire Redeem Codes for May 11: Best ways to use smoke grenades smartly, avoid elimination

Best Deals For You

best smartwatch brands
Top 10 smartwatch brands: Leading the market with innovation
ASUS unveils 2024 gaming lineup featuring TUF Gaming A15 and ROG Strix G16- All details
ASUS unveils 2024 gaming lineup featuring TUF Gaming A15 and ROG Strix G16- All details
PlayStation 5
5 best gaming consoles to buy right now: PlayStation 5, Xbox Series X and more
iOS 18 to bring AI features to Safari
iOS 18 to bring AI features to Safari: New intelligent search and web eraser feature leaked
Ambrane launches PowerHub 300: Portable power solution for travel and emergency charging needs- details
Ambrane launches PowerHub 300: Portable power solution for travel and emergency charging needs- details

    Trending News

    iPhone 16 vs iPhone 15: Know expected upgrades, specifications and what features to expect from Apple
    iPhone 16 vs iPhone 15
    iPhone discounts: Best deals on iPhone 13, 14, and 15 [April 2024]
    iPhones
    Samsung Galaxy Unpacked event date tipped: From Galaxy Z Fold 6 to Galaxy Ring, know what’s coming
    Samsung Galaxy Unpacked event date tipped
    iPad Air 2024 may skip mini-LED display- Here's what to expect from Apple Event on May 7
    Apple's May event
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean
    GTA 5 hidden mysteries: Players discover underwater UFO beneath the Pacific Ocean

    Trending Gadgets

    Mobiles Laptops Tablets