
InterceptX - iPad just got hacked

Hi folks,

My iPad running the latest iPadOS and InterceptX was hacked using a known hack in Facebook Messenger.

Thankfully my contact list is not that great and I was able to unsend the bad message.

The iPad is also guarded by XG, and at the time of the initial attack it was not using decrypt and scan, which it was when the messages were sent, but there is an exception in web policy for Facebook.

Why wasn't the known hack stopped by InterceptX?
Ian



  • Hi Yashraj,

    Thank you for the details, but they do not answer the real issue about why a known bad actor site was allowed to get past InterceptX? Also, the Sophos email scanning function suggested in the URLs is a business application, not available to home users. Further, the URL should have failed the XG testing, not just content but as a known bad site.

    Ian

     
    V18.0.x - e3-1225v5 6gb ram on 4 port MB with 2 x APX120 - 20w. 
    If a post solves your question use the 'This helped me' link.
  • Hi,

    The XG firewall would have prevented this URL from a web filtering policy. Did you configure HTTPS decrypt and scan? 

    Thanks,

     

     
    Harsh Patel (H_Patel)

    Community Support Engineer | Sophos Technical Support
    Support Videos | Product Documentation | @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' button.

  • Hi,

    No, because decrypt and scan does not work on my iPad; too many sites fail, and SSL/TLS is even worse.

    But I do have it enabled for malware and content scanning.

    Ian

     
  • Hi,

    The XG firewall would have prevented this URL from a web filtering policy, but it was not configured for your iPad. Did you have any IPS policy or ATP configured on the firewall? 

    Thanks,

     

     
    Harsh Patel (H_Patel)


  • Hi H_Patel,

    A screenshot of the firewall rule.

    Ian

     