Black Basta Ransomware: A New Social Engineering Threat
The Black Basta ransomware group has recently launched an aggressive social engineering campaign targeting businesses. Originating from the remnants of the disbanded Conti group, Black…
Businesses and organisations relying on Cisco’s Adaptive Security Appliance (ASA) and Firepower Threat Defence (FTD) firewalls are being advised to take immediate action to protect themselves from a sophisticated cyber-attack campaign dubbed ArcaneDoor. This campaign is reportedly being conducted by a state-sponsored espionage group.
ArcaneDoor leverages three newly discovered critical vulnerabilities in Cisco ASA and FTD firewalls:
The first two vulnerabilities are known to be actively exploited in the ongoing campaign.
The attacks involve a two-stage process facilitated by the zero-day vulnerabilities (CVE-2024-20353 and CVE-2024-20359).
This attack highlights the importance of maintaining up-to-date security. It’s also a reminder that firewalls, while essential, should not be seen as impenetrable. Regular patching, monitoring, and a strong incident response plan are crucial for a robust cyber security strategy.