Critical Cisco Firewall Holes Under Active Attack
CISA requires federal agencies to patch or disconnect Cisco firewall devices affected by two zero-day vulnerabilities, with severity scores up to 9.9, that are being actively exploited by a sophisticated hacking group.
- On September 25, CISA issued Emergency Directive 25-03 ordering federal civilian agencies to secure Cisco firewall devices vulnerable to two zero-day flaws.
- This action followed a widespread, ongoing espionage campaign linked to the ArcaneDoor operation that has exploited vulnerabilities since November 2023.
- The campaign targeted Adaptive Security Appliance and Firepower Threat Defense devices, using advanced evasion, persisting malware in read-only memory, and disabling logs.
- CISA directed agencies to identify and forensically analyze affected devices, disconnect compromised or end-of-support devices, and patch the remaining devices by September 26, with reporting due October 3.
- CISA and Cisco continue collaborative mitigation efforts while cautioning about evolving attacker tactics and urging critical infrastructure operators to report incidents promptly.
23 Articles
Hackers exploit Cisco firewall flaw, U.S. issues urgent alert | Honolulu Star-Advertiser
WASHINGTON >> The U.S. government’s cyber defense agency has issued urgent guidance to other federal agencies over hackers exploiting a previously unknown vulnerability in Cisco security devices.
US Cyber Agency Issues Emergency Directive Amid Major Hacking Campaign Targeting Cisco
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive asking federal agencies to take immediate action to identify and mitigate system vulnerabilities to protect their devices from a major hacking campaign, the agency said in a Sept. 25 statement. “This widespread campaign poses a significant risk to victims’ networks by exploiting zero-day vulnerabilities that persist through reboots and system upgrades,”…
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The Cybersecurity and Infrastructure Security Agency acknowledged it’s yet to get a complete handle on the scope and impact of attacks involving Cisco zero-day vulnerabilities that prompted it to release an emergency directive Thursday. The attack timeline dates back almost a year, according to an investigation Cisco and federal authorities did behind the scenes to identify the root cause and then coordinate the issuance of patches to address s…
CISA orders civilian agencies to immediately patch Cisco vulnerabilities amid widespread attacks
The Cybersecurity and Infrastructure Security Agency issued an emergency directive on Thursday in response to a widespread campaign exploiting zero-day vulnerabilities in Cisco firewall devices. While the emergency directive only applies to federal civilian executive branch agencies, CISA is strongly encouraging other government and private sector organizations to follow the same guidance. Under the emergency order, all civilian agencies are req…
Coverage Details
Bias Distribution
- 73% of the sources are Center