Will DormannI get the impression that VPN endpoints are kind of important.
Attackers are exploiting Cisco ASA devices in the wild.
Cisco has fixed CVE-2024-20353 and CVE-2024-20359, but they have yet to discover the initial entry point vulnerability. 😬
https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/
Attackers are exploiting Cisco ASA devices in the wild.
Cisco has fixed CVE-2024-20353 and CVE-2024-20359, but they have yet to discover the initial entry point vulnerability. 😬
https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices
Cisco is aware of new activity targeting certain Cisco Adaptive Security Appliances (ASA) 5500-X Series and has released three CVEs related to the event. We assess with high confidence this activity is related to same threat actor as ArcaneDoor in 2024.