{"id":34661,"date":"2020-04-28T14:39:49","date_gmt":"2020-04-28T14:39:49","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/31159\/Attackers-Exploit-0-Day-Code-Execution-Flaw-In-The-Sophos-Firewall.html"},"modified":"2020-04-28T14:39:49","modified_gmt":"2020-04-28T14:39:49","slug":"attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/","title":{"rendered":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/04\/hole-in-wall-800x709.jpg\" alt=\"A gaping hole in a brick wall.\"><\/p>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\">\n<h4 class=\"comment-count-before\"><a title=\"35 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/04\/sophos-firewall-0day-allowing-remote-code-execution-comes-under-attack\/?comments=1\">reader comments<\/a><\/h4>\n<p><a title=\"35 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2020\/04\/sophos-firewall-0day-allowing-remote-code-execution-comes-under-attack\/?comments=1\"><span class=\"comment-count-number\">49<\/span> <span class=\"visually-hidden\">with 35 posters participating<\/span><\/a><\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/div>\n<\/aside>\n<p>Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the security firm said on Sunday.<\/p>\n<p>The well-researched and developed attack exploited a <a href=\"https:\/\/en.wikipedia.org\/wiki\/SQL_injection\">SQL injection<\/a> flaw in fully patched versions of the Sophos XG Firewall. With that toehold in systems, it downloaded and installed a series of scripts that ultimately executed code intended to make off with users\u2019 names, usernames, the cryptographically hashed form of the passwords, and the salted SHA256 hash of the administrator account\u2019s password. Sophos has delivered a <a href=\"https:\/\/community.sophos.com\/kb\/en-us\/135415\">hotfix that mitigates the vulnerability<\/a>.<\/p>\n<p>Other data targeted by the attack included a list of the IP address allocation permissions for firewall users; the version of the custom operating system running; the type of CPU; the amount of memory that was present on the device; how long it had been running since the last reboot; the output of the ifconfig, a command-line tool; and ARP tables used to translate IP addresses into domain names.<\/p>\n<p>\u201cThis malware\u2019s primary task appeared to be data theft, which it could perform by retrieving the contents of various database tables stored in the firewall, as well as by running some operating system commands,\u201d Sophos researchers wrote in <a href=\"https:\/\/news.sophos.com\/en-us\/2020\/04\/26\/asnarok\/\">Sunday\u2019s disclosure<\/a>. \u201cAt each step, the malware collected information and then concatenated it to a file it stored temporarily on the firewall with the name <code>Info.xg<\/code>.\u201d<\/p>\n<p>The exploits also downloaded the malware from domains that appeared to be legitimate. To evade detection, some of the malware deleted underlying files that executed it and ran solely in memory. The malicious code uses a creative and roundabout method to ensure it\u2019s executed each time firewalls are started. Those characteristics strongly suggest that the threat actors spent weeks or months laying the groundwork for the attacks.<\/p>\n<h2>Sophistication<\/h2>\n<p>The attack demonstrated that the attackers had a detailed knowledge of the Firewall that could only come from someone who had access to the software, which likely required a license. From there, the attackers carefully studied the Firewall to find inner workings that allowed the downloading and installation of malware that used names that closely resembled names of legitimate files and processes.<\/p>\n<p>The data the malware was designed to exfiltrate suggests the attack was designed to give attackers the means to further penetrate the organizations that used the firewall through phishing attacks and unauthorized access to user accounts, and it potentially exploits targeting the firewalls or end users. The Sophos post said there was no evidence the data exfiltrations were successful, but it also didn\u2019t rule out that possibility.<\/p>\n<p>The zero-day vulnerability that made the attacks possible was a pre-authentication SQL injection flaw found in the custom operating system that runs the firewall. Sophos provided no additional details about the vulnerability. SQL injection exploit flaws that execute malicious code through strings that are entered into forms contained on a vulnerable website. The flaws are the result of a failure to filter out commands. Pre-authentication means the attacker didn\u2019t need to provide any credentials to carry execute code.<\/p>\n<p>Users of vulnerable firewalls should ensure the hotfix is installed as soon as possible and then examine their systems for signs of compromise published on the previously mentioned post <a href=\"https:\/\/news.sophos.com\/en-us\/2020\/04\/26\/asnarok\/\">here<\/a>.<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/31159\/Attackers-Exploit-0-Day-Code-Execution-Flaw-In-The-Sophos-Firewall.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":34662,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[256],"class_list":["post-34661","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackerflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-04-28T14:39:49+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"760\" \/>\n\t<meta property=\"og:image:height\" content=\"532\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall\",\"datePublished\":\"2020-04-28T14:39:49+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/\"},\"wordCount\":569,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg\",\"keywords\":[\"headline,hacker,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/\",\"name\":\"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg\",\"datePublished\":\"2020-04-28T14:39:49+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/04\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg\",\"width\":760,\"height\":532},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/","og_locale":"en_US","og_type":"article","og_title":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-04-28T14:39:49+00:00","og_image":[{"width":760,"height":532,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall","datePublished":"2020-04-28T14:39:49+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/"},"wordCount":569,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg","keywords":["headline,hacker,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/","url":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/","name":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg","datePublished":"2020-04-28T14:39:49+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/04\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall.jpg","width":760,"height":532},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/attackers-exploit-0-day-code-execution-flaw-in-the-sophos-firewall\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerflaw\/"},{"@type":"ListItem","position":3,"name":"Attackers Exploit 0-Day Code Execution Flaw In The Sophos Firewall"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34661","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=34661"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/34661\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/34662"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=34661"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=34661"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=34661"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}