{"id":34634,"date":"2020-04-26T12:04:13","date_gmt":"2020-04-26T12:04:13","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/"},"modified":"2020-04-26T12:04:13","modified_gmt":"2020-04-26T12:04:13","slug":"sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/","title":{"rendered":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world"},"content":{"rendered":"<div><img decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2020\/04\/24\/apple_shutterstock.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<p><strong class=\"trailer\">Roundup<\/strong> It&#8217;s time to dig in to another <em>Register<\/em> security roundup.<\/p>\n<h3 class=\"crosshead\"><span>Sophos XG Firewall hacked in the wild \u2013 hotfix available<\/span><\/h3>\n<p>Sophos has rushed out a <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/community.sophos.com\/kb\/en-us\/135412\">hotfix<\/a> for its XG Firewall products to close an SQL injection vulnerability \u2013 after hackers were spotted exploiting the hole in the wild. The flaw can be abused to steal the firewall&#8217;s configuration, such as usernames and hashed passwords.<\/p>\n<p>The hotfix will, as well as patching the bug, tell admins if their boxes were compromised by miscreants before the fix could be applied. Ensure automatic hotfix deployment is enabled to receive the update. 
All physical and virtual XG firewalls are vulnerable, we&#8217;re told, and all supported versions (SFOS 17.1, 17.5, 18.0) will get a hotfix.<\/p>\n<p>&#8220;The attack used a previously unknown SQL injection vulnerability to gain access to exposed XG devices,&#8221; said Team Sophos.<\/p>\n<p>&#8220;It was designed to download payloads intended to exfiltrate XG Firewall-resident data. The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access. Passwords associated with external authentication systems such as AD or LDAP are unaffected.<\/p>\n<p>&#8220;At this time, there is no indication that the attack accessed anything on the local networks behind any impacted XG Firewall.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>Multi-language texts crash Apple iThings<\/span><\/h3>\n<p>A seemingly random string of text in an SMS can reportedly crash iOS devices that receive it, meaning you can drive an Apple fan bonkers by remotely knackering their handheld by sending them the text. 9to5mac <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/9to5mac.com\/2020\/04\/23\/italian-flag-iphone-crash-bug\/\">reported<\/a> the string is a mixture of the Italian flag icon and text in the Sindhi language, and triggers a bug in Messages for iPhone, iPad, Mac and Apple Watch. 
The flaw&#8217;s effect is said to vary by device: the crash can cause anything from the chat app unexpectedly quitting to the touchscreen freezing up.<\/p>\n<blockquote class=\"twitter-tweet\" readability=\"3.3050847457627\">\n<p lang=\"en\" dir=\"ltr\">The craziest iOS crash text bug \ud83d\udc80 <a href=\"https:\/\/t.co\/29LJPb67WP\">pic.twitter.com\/29LJPb67WP<\/a><\/p>\n<p>\u2014 EverythingApplePro (@EveryApplePro) <a href=\"https:\/\/twitter.com\/EveryApplePro\/status\/1253432816177537024?ref_src=twsrc%5Etfw\">April 23, 2020<\/a><\/p><\/blockquote>\n<p>Apple has yet to publicly comment on the issue. What with this and its <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2020\/04\/22\/apple_ios_mail_zeroday\/\" rel=\"noopener noreferrer\">unpatched Mail flaw<\/a>, it has not been a good week for Cupertino&#8217;s security record.<\/p>\n<h3 class=\"crosshead\"><span>Ransomware masterminds appear to honor vow not to infect hospitals<\/span><\/h3>\n<p>At the outset of the COVID-19 <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/Tag\/coronavirus\" rel=\"noopener noreferrer\">coronavirus pandemic<\/a>, a handful of ransomware crooks promised <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2020\/03\/19\/ransomware_health_organisations\/\" rel=\"noopener noreferrer\">not to target<\/a> healthcare providers. Yeah, right, we all thought. Well, it seems the malware gangs may be true to their word, kinda, as ransomware attacks in general are way down and infections of file-scrambling nasties at healthcare facilities are almost non-existent, we&#8217;re told.<\/p>\n<p>Security software maker Emsisoft <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/blog.emsisoft.com\/en\/36092\/the-state-of-ransomware-in-the-us-report-and-statistics-for-q1-2020\/\">claimed<\/a> it clocked just 25 reported attacks on healthcare facilities over the past quarter, a nosedive from the 191 hits it sees on an average per quarter. 
Sounds nice, but&#8230;<\/p>\n<p>&#8220;This reduction is entirely due to the fact that, in 2019, many managed service providers (MSPs) were exploited enabling multiple healthcare organizations to be simultaneously compromised in a single incident,&#8221; Emsisoft pointed out. &#8220;So far in 2020, there have been no such attacks affecting healthcare providers.&#8221;<\/p>\n<p>So, maybe there was something to that pledge after all, sort of.<\/p>\n<h3 class=\"crosshead\"><span>Prosecutors crack down on COVID-19 scams<\/span><\/h3>\n<p>The US Justice Department is taking the fight to sketchy peddlers looking to turn a quick buck by scamming the public with bogus coronavirus information and treatments.<\/p>\n<p>Prosecutors <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.justice.gov\/opa\/pr\/department-justice-announces-disruption-hundreds-online-covid-19-related-scams\">have taken down<\/a> hundreds of scam operations, we&#8217;re told. These range from bogus donation webpages \u2013 with one claiming to be the Red Cross \u2013 to phishing pages that impersonated government relief programs.<\/p>\n<p>&#8220;The department will continue to collaborate with our law enforcement and private sector partners to combat online COVID-19 related crime,&#8221; said Brian Benczkowski, assistant attorney general. &#8220;We commend the responsible internet companies that are taking swift action to prevent their resources from being used to exploit this pandemic.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>Crown Sterling settles case over car-crash Black Hat presentation<\/span><\/h3>\n<p>One of the more bizarre stories to come out of last year&#8217;s Black Hat infosec conference in Las Vegas was the one about the paid-for &#8220;Time AI&#8221; presentation by an outfit called Crown Sterling. 
The sponsored session went down like a lead balloon: hecklers pulled apart the company&#8217;s outlandish boasts about encryption and artificial intelligence.<\/p>\n<p>Times being what they are, this led to <a target=\"_blank\" href=\"https:\/\/www.theregister.co.uk\/2019\/08\/26\/black_hat_sued\/\" rel=\"noopener noreferrer\">a lawsuit<\/a> from Crown Sterling against Black Hat, alleging the conference organizers violated the sponsorship deal by allowing the presentation to be derailed by cheesed-off audience members. That lawsuit <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/finance.yahoo.com\/news\/crown-sterling-informa-tech-holdings-200000738.html\">was settled<\/a> recently, though we won&#8217;t know the terms as everything was kept confidential.<\/p>\n<p>Sadly, there will probably be no presentations this year, at least not in person, as Black Hat is highly likely to be cancelled due to the virus outbreak. BSides Las Vegas <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/twitter.com\/BSidesLV\/status\/1252769518880985088\">called<\/a> off its event this summer due to the pandemic.<\/p>\n<h3 class=\"crosshead\"><span>Team Fortress 2, Counter Strike: Global Offensive code leaked<\/span><\/h3>\n<p>Someone, apparently after a spat between members of the game modding community, <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/twitter.com\/CSGO\/status\/1253075594901774336\">leaked online<\/a> the <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/twitter.com\/TeamFortress\/status\/1253186403900420098\">source code<\/a> to a previously leaked portion of the engine inside smash-hit video games Team Fortress 2 and Counter Strike: Global Offensive. Shortly after, another claimed to have found a remote code execution bug in the software. 
As scary as that sounds, there&#8217;s actually <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/soatok.blog\/2020\/04\/22\/source-code-leak-is-effectively-meaningless-to-endpoint-security\/\">not much<\/a> to be worried about here.<\/p>\n<h3 class=\"crosshead\"><span>Bankers fall victim to email scam<\/span><\/h3>\n<p>Check Point has <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/research.checkpoint.com\/2020\/ir-case-the-florentine-banker-group\/\">yet another report<\/a> on scumbags hijacking an email account within an organization to impersonate a staffer to have account numbers changed on invoices and payments to redirect funds to the crooks&#8217; pockets. In this latest case, $650,000 was stolen via irretrievable transfers from UK and Israeli-based finance firms by criminals.<\/p>\n<h3 class=\"crosshead\"><span>PAAY spills card payment logs<\/span><\/h3>\n<p>Payments biz PAAY inadvertently <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/siliconangle.com\/2020\/04\/22\/2-5m-credit-card-records-belonging-transaction-firm-paay-exposed-online\/\">publicly exposed<\/a> an estimated 2.5 million card transactions, thanks to a misconfigured internet-facing database. 
There is some debate as to whether any actual payment card numbers were exposed, and thus far there is no indication any fraudsters accessed it before the data silo was taken offline.<\/p>\n<h3 class=\"crosshead\"><span>Cyberstalking charge for California man<\/span><\/h3>\n<p>A California man, said to have been heavily involved with women-hating <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/torontosun.com\/news\/local-news\/inside-the-terrifying-violent-world-of-incel-subculture\">incel<\/a> <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.glamour.com\/story\/what-is-incel-breaking-down-online-community-celibate-men\">message boards<\/a>, has been brought up on charges of stalking two teenage girls who turned down his advances.<\/p>\n<p>Carl Bennington, 33, of Covina, <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.justice.gov\/usao-cdca\/pr\/covina-man-arrested-federal-charge-alleging-he-cyberstalked-and-threatened-violence\">has been accused<\/a> of using multiple social media accounts to stalk the young women over a four-year period up to and including death threats. 
If convicted, he faces up to five years in prison.<\/p>\n<h3 class=\"crosshead\"><span>Exercise app Kinomap reveals user info<\/span><\/h3>\n<p>Elsewhere in badly-secured-databases news, <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.vpnmentor.com\/blog\/report-kinomap-leak\/\">exercise app Kinomap<\/a> forgot to set a password on one of its internet-facing storage buckets and, as a consequence, some basic user profile information such as names, usernames, email addresses, and workout timestamps was exposed.<\/p>\n<h3 class=\"crosshead\"><span>Microsoft posts Office update<\/span><\/h3>\n<p>Microsoft has issued an <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/ADV200004\">out-of-band update<\/a> for Office 2016 and 2019 thanks to a remote code execution bug found in a bundled Autodesk library. This can be exploited by opening a file containing a booby-trapped 3D model that triggers malicious code execution.<\/p>\n<p>Autodesk <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.autodesk.com\/trust\/security-advisories\/adsk-sa-2020-0002\">patched<\/a> the flaw earlier this month, so make sure you&#8217;re up to date.<\/p>\n<h3 class=\"crosshead\"><span>Nintendo warns of account thefts<\/span><\/h3>\n<p>Nintendo has had to <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.nintendo.co.jp\/support\/information\/2020\/0424.html\">reset the credentials<\/a> of around 160,000 user accounts after it was found miscreants were using a leaked set of logins from an old service called Nintendo Network ID to get into profiles, and, in some cases, rack up fraudulent purchases.<\/p>\n<h3 class=\"crosshead\"><span>Winnti group blamed for new attack in Germany<\/span><\/h3>\n<p>The notorious DPRK Winnti hacking crew is said to be at it again. 
This time, the North Korean hackers are <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/quointelligence.eu\/2020\/04\/winnti-group-insights-from-the-past\/\">said to have<\/a> broken into a German company using a technique called DNS tunneling.<\/p>\n<p>&#8220;The sophistication of the techniques we uncovered confirms that the Winnti Group is a highly sophisticated, and highly committed Advanced Persistent Group targeting a plethora of different industry sectors in Europe and South Asia,&#8221; said eggheads at Quo Intelligence, which analyzed the reported break-in.<\/p>\n<h3 class=\"crosshead\"><span>Researchers show how GPUs can leak system data<\/span><\/h3>\n<p>Not the most practical attack, but it&#8217;s worth the time to read <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/duo.com\/labs\/research\/finding-radio-sidechannels\">this interesting report<\/a> from Duo Security on how malware could program a PC&#8217;s graphics processor to transmit data wirelessly using its high-frequency shader clock. This leaked information could be received by a miscreant nearby, bypassing any air gapping.<\/p>\n<p>Boffins Mikhail Davidov and Baron Oldenburg produced a setup that could &#8220;exfiltrate data out of a radio-less and air-gapped desktop workstation through a wall and 50ft away.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>VictoryGate botnet menaces South America<\/span><\/h3>\n<p>ESET has uncovered a cryptocurrency-mining botnet that appears to be largely focused on South America. 
Known as VictoryGate, the malware infects a mixture of home and business Windows PCs and Internet-of-Things devices.<\/p>\n<p>&#8220;Active since at least May 2019, it is composed mainly of devices in Peru, where over 90 per cent of the infected devices are located,&#8221; <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.eset.com\/us\/about\/newsroom\/press-releases\/eset-researchers-disrupt-victorygate-cryptomining-botnet\/\">said<\/a> ESET. &#8220;The main activity of the botnet is mining Monero cryptocurrency.&#8221;<\/p>\n<h3 class=\"crosshead\"><span>Group-IB spots card cache for sale on darknet market<\/span><\/h3>\n<p>Group-IB has <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.group-ib.com\/media\/south-korean-and-us-banks-cards\/\">sounded the alarm<\/a> following the discovery of a cache of bank card data for sale on the dark web. The cards, which are said to come exclusively from banks in South Korea and the US, are said to number somewhere around 400,000, and are being offered at $5 apiece. 
And, according to the seller, anywhere from 30 to 40 per cent are still valid.<\/p>\n<p>&#8220;It should be noted,&#8221; said Group-IB, &#8220;that it is the biggest sale of South Korean records on the dark web in 2020, which contributes to the growing popularity of APAC-issued card dumps in the underground.&#8221; \u00ae<\/p>\n<p>READ MORE <a href=\"https:\/\/go.theregister.co.uk\/feed\/www.theregister.co.uk\/2020\/04\/26\/security_roundup_240420\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Plus Office 2016, 2019 patches \u2013 and a barn-load of other security bits and bytes Roundup\u00a0 It&#8217;s time to dig in to another Register security roundup.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34635,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-34634","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-26T12:04:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"432\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" 
content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world\",\"datePublished\":\"2020-04-26T12:04:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/\"},\"wordCount\":1581,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg\",\"articleSection\":[\"The 
Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/\",\"name\":\"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg\",\"datePublished\":\"2020-04-26T12:04:13+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg\",\"width\":648,\"height\":432},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. 
Yup, business as usual in infosec world\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":
435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/","og_locale":"en_US","og_type":"article","og_title":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-04-26T12:04:13+00:00","og_image":[{"width":648,"height":432,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. 
Yup, business as usual in infosec world","datePublished":"2020-04-26T12:04:13+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/"},"wordCount":1581,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/","url":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/","name":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. 
Yup, business as usual in infosec world 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg","datePublished":"2020-04-26T12:04:13+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/sophos-xg-firewalls-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world.jpg","width":648,"height":432},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/sophos-xg-firewalls
-hacked-hotfix-ready-texts-wreck-apple-ithings-yup-business-as-usual-in-infosec-world\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Sophos XG firewalls hacked, hotfix ready. Texts wreck Apple iThings. Yup, business as usual in infosec world"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH 
Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34634","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34634"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34634\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34635"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}