Tag: cisco
-
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
-
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
-
UK NCSC warns that attackers exploited Cisco firewall zero-days to deploy RayInitiator and LINE VIPER malware
UK NCSC warns that threat actors exploited Cisco firewall zero-days to deploy new malware strains RayInitiator and LINE VIPER. The U.K. NCSC reported that threat actors exploited recently disclosed Cisco firewall flaws (CVE-2025-20362, CVE-2025-20333) in zero-day attacks to deploy novel malware families, RayInitiator and LINE VIPER. These malware mark a major evolution from earlier campaigns,…
-
Cisco ASA zero-day vulnerabilities exploited in sophisticated attacks
A widespread campaign aimed at breaching organizations via zero-day vulnerabilities in Cisco Adaptive Security Appliances (ASA) has been revealed by the US, UK, Canadian and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/26/cisco-asa-zero-day-attacks/
-
UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/cisco_firewall_flaws/
-
UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild
CISA gives feds 24 hours to patch, NCSC urges rapid action as flaws linked to ArcaneDoor spies First seen on theregister.com Jump to article: www.theregister.com/2025/09/26/cisco_firewall_flaws/
-
Cisco ASA 0-Day RCE Flaw Actively Exploited in the Wild
A critical zero-day vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software is being actively exploited in the wild. Tracked as CVE-2025-20333, this remote code execution flaw allows an authenticated attacker to execute arbitrary code as root on affected devices. Cisco published an advisory on September…
-
Hackers Exploit Cisco ASA 0-Day to Deploy RayInitiator and LINE VIPER Malware
Security teams worldwide have been warned after attackers began exploiting a newly discovered zero-day vulnerability in Cisco Adaptive Security Appliance (ASA) 5500-X Series firewalls. The breach allows hackers to deploy sophisticated malware, dubbedRayInitiatorandLINE VIPER, potentially giving them full control of affected devices. Today, the National Cyber Security Centre (NCSC), part of GCHQ, issued detailed guidance…
-
Hackers Exploit Cisco ASA 0-Day to Deploy RayInitiator and LINE VIPER Malware
Security teams worldwide have been warned after attackers began exploiting a newly discovered zero-day vulnerability in Cisco Adaptive Security Appliance (ASA) 5500-X Series firewalls. The breach allows hackers to deploy sophisticated malware, dubbedRayInitiatorandLINE VIPER, potentially giving them full control of affected devices. Today, the National Cyber Security Centre (NCSC), part of GCHQ, issued detailed guidance…
-
Critical Cisco Flaw Lets Remote Attackers Execute Code on Firewalls and Routers
Cisco published Security Advisory cisco-sa-http-code-exec-WmfP3h3O revealing a severe flaw in multiple Cisco platforms that handle HTTP-based management. Tracked as CVE-2025-20363, this vulnerability stems from improper validation of user-supplied input in HTTP requests. CVE Affected Products Impact CVSS 3.1 Score CVE-2025-20363 Secure Firewall ASA & FTD with SSL VPN or MUS enabled; IOS/IOS XE with Remote…
-
Critical Cisco Flaw Lets Remote Attackers Execute Code on Firewalls and Routers
Cisco published Security Advisory cisco-sa-http-code-exec-WmfP3h3O revealing a severe flaw in multiple Cisco platforms that handle HTTP-based management. Tracked as CVE-2025-20363, this vulnerability stems from improper validation of user-supplied input in HTTP requests. CVE Affected Products Impact CVSS 3.1 Score CVE-2025-20363 Secure Firewall ASA & FTD with SSL VPN or MUS enabled; IOS/IOS XE with Remote…
-
Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware
The U.K. National Cyber Security Centre (NCSC) has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER.”The RayInitiator and LINE VIPER malware represent a significant evolution on that used in the previous campaign, both…
-
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
The agency, which issued an emergency directive to federal agencies Thursday, said it took months to determine the root cause and mitigate the activity. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-timeline-investigation/
-
Cisco Adaptive Security Appliance wird über 0-day angegriffen
Die US Cybersicherheitsbehörde CISA hat eine dringende Warnung an US-Behörden herausgegeben. Cisco ASA (Adaptive Security Appliance) wird über 0-day-Schwachstellen in den Webservices aktiv angegriffen. US-Behörden müssen sofort auf die Schwachstellen reagieren und Gegenmaßnahmen ergreifen. Die Warnung der CISA findet sich … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/26/cisco-adaptive-security-appliance-wird-ueber-0-day-angegriffen/
-
Patch now: Attacker finds another zero day in Cisco firewall software
Tags: access, attack, best-practice, cisa, cisco, cve, cyber, defense, detection, exploit, firewall, firmware, Hardware, incident response, malware, monitoring, network, resilience, risk, router, software, technology, threat, tool, update, vpn, vulnerability, zero-day, zero-trustroot, which may lead to the complete compromise of the device.Affected are devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) software, Cisco Secure Firewall Threat Defense (FTD) software, as well as devices running Cisco IOS, IOS XE and IOS XR software. There are two attack scenarios:an unauthenticated, remote attacker getting into devices running Cisco…
-
SentinelOne Hires Industry Vet Ana Pinczuk As New President Of Technology
SentinelOne announced Thursday it has hired Ana Pinczuk, a veteran executive at tech giants including Cisco and Hewlett Packard Enterprise, as its new president of product and technology. First seen on crn.com Jump to article: www.crn.com/news/security/2025/sentinelone-hires-industry-vet-ana-pinczuk-as-new-president-of-technology
-
Cisco’s Wave of Actively Exploited Zero-Day Bugs Targets Firewalls, IOS
Patch now: Cisco recently disclosed four actively exploited zero-days affecting millions of devices, including three targeted by a nation-state actor previously discovered to be behind the ArcaneDoor campaign. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cisco-actively-exploited-zero-day-bugs-firewalls-ios
-
Feds Isolate Cisco Firewalls to Defend Against ‘Arcane Door’
CISA Issues Emergency Directive After Cisco Exploits Persist After Reboot. CISA issued an emergency directive Thursday after discovering an advanced hacking campaign exploiting two persistent zero-days in Cisco firewall gear – malware that survives system reboots and upgrades – forcing agencies to disconnect vulnerable devices by Friday. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/feds-isolate-cisco-firewalls-to-defend-against-arcane-door-a-29568
-
Critical Cisco IOS/IOS XE Vulnerability Could Expose Networks
Cisco TACACS+ vulnerability threatens sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/critical-cisco-ios-ios-xe-vulnerability-could-expose-networks/
-
‘Emergency’ Response Needed Amid Cisco Firewall Attacks
Tags: attack, cisa, cisco, cyberattack, cybersecurity, exploit, firewall, infrastructure, vulnerability, zero-dayCyberattacks that have exploited two zero-day Cisco firewall vulnerabilities prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to issue an “emergency directive” Thursday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/cisa-emergency-response-needed-amid-cisco-firewall-attacks
-
CISA alerts federal agencies of widespread attacks using Cisco zero-days
Cisco said it was investigating state-sponsored espionage attacks in May. CISA did not explain why it waited four months to issue an emergency directive. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-emergency-directive-cisco-zero-days/
-
U.S. CISA adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CISCO Secure Firewall ASA and Secure FTD flaws to its Known Exploited Vulnerabilities (KEV) catalog. CISA urges Federal Agencies to identify and mitigate potential compromise…
-
Cisco admins urged to patch IOS, IOS XE devices
allow a low privileged authenticated attacker who sends a crafted SNMP packet to an affected device to cause the system to reload, resulting in a denial of service (DoS) condition.allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. First seen on networkworld.com Jump to article: www.networkworld.com/article/4063425/cisco-admins-urged-to-patch-ios-ios-xe-devices.html
-
Federal agencies given one day to patch exploited Cisco firewall bugs
Vulnerabilities in some models of Cisco’s Adaptive Security Appliances (ASA) have been exploited by “an advanced threat actor,” according to a warning from CISA. First seen on therecord.media Jump to article: therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning
-
Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive
Cisco is urging customers to patch two security flaws impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software, which it said have been exploited in the wild.The zero-day vulnerabilities in question are listed below -CVE-2025-20333 (CVSS score: 9.9) – An improper validation…
-
CISA orders feds to patch Cisco flaws used to hack multiple agencies
One U.S. official called the ongoing cyberattack campaign hitting federal agencies and businesses “very sophisticated.” First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisa-emergency-directive-cisco-vulnerabilities-arcanedoor/761150/
-
CISA orders agencies to patch Cisco flaws exploited in zero-day attacks
CISA has issued a new emergency directive ordering U.S. federal agencies to secure their Cisco firewall devices against two flaws that have been exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-agencies-to-patch-cisco-flaws-exploited-in-zero-day-attacks/
-
Cisco warns of ASA firewall zero-days exploited in attacks
Cisco warned customers today to patch two zero-day vulnerabilities that are actively being exploited in attacks and impact the company’s firewall software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-asa-firewall-zero-days-exploited-in-attacks/