Lucene search
+L

10 matches found

Talos Blog
Talos Blog
added 2026/04/23 3:10 p.m.11 views

UAT-4356's Targeting of Cisco Firepower Devices

Cisco Talos is aware of UAT-4356's continued active targeting of Cisco Firepower devices' Firepower eXtensible Operating System FXOS. UAT-4356 exploited n-day vulnerabilities CVE-2025-20333 and CVE-2025-20362 to gain unauthorized access to vulnerable devices, where the threat actor deployed their...

9.9CVSS9.5AI score0.85543EPSS
Exploits1
HackRead
HackRead
added 2025/11/14 5:48 p.m.12 views

CISA Warns of Active Attacks on Cisco ASA and Firepower Flaws

CISA issues an urgent directive for all organizations to patch Cisco ASA and Firepower devices against CVE-2025-20362 and CVE-2025-20333, exploited in the ArcaneDoor campaign. Verify the correct version now!...

9.9CVSS7.1AI score0.85543EPSS
Exploits1
The Hacker News
The Hacker News
added 2025/09/26 5:51 a.m.36 views

Cisco ASA Firewall Zero-Day Exploits Deploy RayInitiator and LINE VIPER Malware

The U.K. National Cyber Security Centre NCSC has revealed that threat actors have exploited the recently disclosed security flaws impacting Cisco firewalls as part of zero-day attacks to deliver previously undocumented malware families like RayInitiator and LINE VIPER. "The RayInitiator and LINE...

9.9CVSS8.1AI score0.85543EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2025/07/22 12:0 a.m.17 views

PT-2025-30603 · Undefined · Undefined

ParsedReport CompletenessLow 22-07-2025 CVE-202553770/TOOLSHELL: HUNTING DOWN THE ATTACKER TECHNIQUES &VICTIMS https://theravenfile.com/2025/07/22/cve-2025-53770-toolshell-hunting-down-the-attacker-techniques-victims/ Report completeness: Low Actors/Campaigns: Arcanedoor Threats: Toolshell vuln...

9.8CVSS8.6AI score0.99979EPSS
Exploits41References1
The Hacker News
The Hacker News
added 2024/05/06 1:47 p.m.36 views

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices

The recently uncovered cyber espionage campaign targeting perimeter network devices from several vendors, including Cisco, may have been the work of China-linked actors, according to new findings from attack surface management firm Censys. Dubbed ArcaneDoor, the activity is said to have commenced...

8.6CVSS7.2AI score0.70686EPSS
Exploits2
hivepro
hivepro
added 2024/04/29 3:31 p.m.16 views

Unmasking ArcaneDoor: A Cyber Espionage Surge Against Critical Infrastructure

Discovery of a Digital Breach Even our most sensitive governmental and infrastructural data is not guaranteed safe. A new breach has been uncovered, ominously named "ArcaneDoor." According to HiveForce Labs, this campaign has been meticulously orchestrated with the primary aim of breaching the...

7.6AI score
Exploits0
hivepro
hivepro
added 2024/04/26 12:18 p.m.19 views

ArcaneDoor a Novel Espionage Campaign Exploits Cisco Zero-Days

...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/25 5:50 a.m.62 views

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated...

8.6CVSS8.2AI score0.70686EPSS
Exploits2
Qualys Blog
Qualys Blog
added 2024/04/24 10:55 p.m.57 views

ArcaneDoor Unlocked: Tackling State-Sponsored Cyber Espionage in Network Perimeters

Cisco recently uncovered a sophisticated cyber espionage campaign, ArcaneDoor, targeting perimeter network devices used by government and critical infrastructure sectors. This campaign involves state-sponsored actors exploiting two zero-day vulnerabilities CVE-2024-20353 and CVE-2024-20359 aimed...

5CVSS8.4AI score0.70686EPSS
Exploits2
CISA
CISA
added 2024/04/24 12:0 p.m.79 views

Cisco Releases Security Updates Addressing ArcaneDoor, Vulnerabilities in Cisco Firewall Platforms

Today, Cisco released security updates to address ArcaneDoor—exploitation of Cisco Adaptive Security Appliances ASA devices and Cisco Firepower Threat Defense FTD software. A cyber threat actor could exploit vulnerabilities CVE-2024-20353link is external, CVE-2024-20359link is external,...

8.6CVSS8AI score0.70686EPSS
In wildExploits2References7
Rows per page
Query Builder