Chinese hackers targeted South Asian entity weeks before the Sophos zero-day bug was fixed


Flaw exploited before the patch

Hackers used a zero-day exploit for a critical-severity flaw in Sophos Firewall. Criminals used the flaw to compromise a South Asian company and breach cloud-hosted web servers.[1] The issue has since been fixed, but threat actors managed to exploit the security vulnerability to bypass authentication and run arbitrary code remotely in attacks on various organizations.[2]
