Archive: April, 2020
Sophos XG Firewall Zero-Day Hotfixed
Sophos released a security bulletin stating that they have fixed a zero-day pre-auth SQL Injection vulnerability in their XG Firewall that was actively being exploited in the wild.
Agent Tesla used against Oil and Gas Industry in Spear-phishing campaign
In a highly targeted spear-phishing campaign, the . Net-based Agent Tesla malware was deployed against the Oil and Gas Industry.
Google witnessed over 18 Million daily COVID Themed phishing emails
A new blog post from Google presents that Gmail has seen over 18 million attacks per day with COVID-19 themed malware or phishing attempts.
New Microsoft Patch fixes two actively exploited Zero-Days
Included in today’s April Patch Tuesday from Microsoft are patches for CVE-2020-1020 (remote code execution vulnerability for Windows) and CVE-2020-0938 (remote code execution vulnerability for Windows).