tldrdaily.news logo
Tag

Cisco Asa

All articles tagged with #cisco asa

security3 months ago

US Government Urgently Patches Cisco Vulnerabilities Amid Widespread Cyberattacks

A sophisticated state-sponsored threat actor is actively exploiting multiple zero-day vulnerabilities in Cisco ASA and FTD software, primarily targeting government networks worldwide for data exfiltration. Cisco has issued advisories and software updates to address these critical vulnerabilities, which allow remote code execution and data theft. The vulnerabilities are being exploited with advanced evasion techniques, posing significant risks to organizations, especially those with internet-facing edge devices. Authorities like CISA and NCSC have issued mitigation directives and analyzed malware used in these attacks.

via Palo Alto Networks|
#active-exploitation#cisco-asa#cybersecurity
security3 months ago

Urgent Cisco Security Alerts: Zero-Day Vulnerabilities and Mitigation Efforts

Cisco warns of two critical zero-day vulnerabilities in its ASA and FTD software, actively exploited in the wild, prompting CISA to issue an emergency mitigation directive for federal agencies. The vulnerabilities allow remote code execution and unauthorized access, with ongoing attacks linked to a threat group called ArcaneDoor, posing significant risks to affected networks.

via The Hacker News|
#cisa-emergency-directive#cisco-asa#cybersecurity
cybersecurity1 year ago

"CISA Urges Patching of Microsoft Exchange and Cisco ASA Flaws Exploited in Ransomware Attacks"

The U.S. CISA has warned of Akira ransomware exploiting a now-patched vulnerability in Cisco ASA and FTD software, with evidence suggesting it has been used to compromise multiple susceptible Cisco Anyconnect SSL VPN appliances. Akira is one of the 25 groups with newly established data leak sites in 2023, claiming nearly 200 victims, and is linked to the Conti syndicate. Federal agencies are required to remediate identified vulnerabilities by March 7, 2024. The ransomware landscape has become lucrative, attracting new players, and the U.S. GAO has called for enhanced oversight into recommended practices for addressing ransomware.

via The Hacker News|
#akira#cisa#cisco-asa