ZDNet

Hackers are exploiting a Sophos firewall zero-day

Cyber-security firm Sophos has published an emergency security update on Saturday to patch a zero-day vulnerability in its XG enterprise firewall product that was being abused in the wild by hackers.
Threat Post

Hackers Mount Zero-Day Attacks on Sophos Firewalls

A pre-auth SQL injection bug leading to remote code execution is at the heart of a data-stealing campaign against XG firewalls, using the Asnarok trojan. Attackers have been targeting the Sophos XG ...
Bleeping Computer

Hackers exploit zero-day in Sophos XG Firewall, fix released

Sophos has fixed a zero-day SQL injection vulnerability in their XG Firewall after receiving reports that hackers actively exploited it in attacks. Sophos states that they received a report on April ...
ZDNet

Hackers tried (and failed) to install ransomware using a zero-day in Sophos firewalls

UK cyber-security vendor Sophos published today an update on its investigation into a recent series of attacks that tried to exploit a zero-day vulnerability in its XG firewall product. Sophos said ...
Bleeping Computer

Sophos fixes SQL injection vulnerability in their Cyberoam OS

Sophos has deployed a hotfix for their line of Cyberoam firewalls and routers to fix a SQL injection vulnerability. Sophos purchased firewall and router maker Cyberoam Technologies in 2014 and has ...