.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Informational
Advisory: Sisense Data Breach
CVE(N)
N/A
产品(N)
Sophos Central
更新日
2024 Apr 15
文章版本
1
公開日
2024 Apr 15
公開 ID
sophos-sa-20240415-sisense-data-breach
回避策
No
Overview
On Thursday, April 11, 2024, the US Cybersecurity and Infrastructure Agency (CISA) published an alert regarding the Compromise of Sisense Customer Data where they recommend customers reset credentials and secrets used in Sisense cloud services and to investigate any suspicious activity.
Sophos leverages the self-hosted version of Sisense Fusion in its Threat Analysis Center and Sophos Central customizable dashboards, which have been integrated with the minimum privileges possible. In addition, through our own detailed investigation of logs, we have not discovered any suspicious activity or compromise of Sophos or Sophos customer data. Sophos continues to monitor and validate that customers are not affected.
We will update this advisory if we discover any new information.
Related Information
Sophos Responsible Disclosure Policy
To learn about Sophos security vulnerability disclosure policies and publications, see the Responsible Disclosure Policy.