Cisco Zero-Days Anchor 'ArcaneDoor' Cyber Espionage Campaign
Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.
Stay informed on Cisco security updates, threats, and solutions. Get the latest news and expert insights on Cisco information security developments.
Search across headline titles and summaries.
Background for this topic.
Cisco produces networking devices and software that manage data flow in enterprise and service provider networks, including routers, switches, and firewalls. These components are often central points controlling network traffic and access, making their integrity critical for secure communications and network stability.
Security risks with Cisco equipment commonly arise from firmware vulnerabilities, exposed management interfaces, and configuration errors that attackers can exploit to gain unauthorized access or disrupt services. Timely application of security patches and strict access controls on device management interfaces are essential to reduce exposure. Monitoring network devices for unusual activity also helps detect potential compromises early in environments relying on Cisco infrastructure.
Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.
An advisory from Cisco Talos has highlighted a sophisticated cyber-espionage campaign targeting government networks globally
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments
Don't get too comfortable: 'Line Dancer' malware may be targeting other vendors, too A previously unknown and "sophisticated" nation-state group compromised Cisco firewalls as early as November 2023 for espionage purposes — and possibly attacked network devices made by other vendors including Microsoft, according to warnings from the networking giant and three Western governments.…
Networking Giant Dubs Campaign Against Government Customers 'Arcane Door'Probable nation-state hackers targeted Cisco firewall appliances in a campaign dating to late 2023, the networking giant disclosed Wednesday while releasing three patches, two of them rated critical. Cisco doesn't connect the hackers with a specific country. It dubs the campaign "Arcane Door."
Cisco warned today that a state-backed hacking group has been exploiting two zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls since November 2023 to breach government networks worldwide. [...]
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024
Anjana Kumbampati of Cisco discusses the unique challenges MSPs face, such as managing multiple ecosystems and vendors, which complicates their operational and billing processes. She explains how Cisco helps streamline these aspects to boost MSP efficiency and profitability.