Topic: cisco asa
-
Palo Alto Portal Scans Skyrocket 500%
GreyNoise reported a 500% surge in reconnaissance scans targeting Palo Alto Networks login interfaces, with 1,300 distinct IPs detected on October 3rd, primarily originating from the United States. Similar scanning campaigns have targeted other remote access services like Cisco ASA, with shared c...
Read More » -
Palo Alto Networks Login Portals Under Massive Attack Surge
A dramatic 500% surge in suspicious network scans is targeting Palo Alto Networks login portals, with over 1,285 unique IPs involved, indicating a coordinated reconnaissance campaign. The majority of scanning IPs originated from the U.S., with clusters focusing on targets in the U.S. and Pakistan...
Read More » -
ArcaneDoor Hackers Renew Cisco Attacks with Stealthy Campaign
A sophisticated cyber-espionage campaign by the ArcaneDoor threat actor has compromised older Cisco ASA firewalls using zero-day vulnerabilities to implant malware and steal data. The attackers used advanced evasion techniques and modified the ROM Monitor to ensure persistence, but only older mod...
Read More » -
Active Attacks Exploit Cisco ASA Zero-Day Flaws
A coordinated international cybersecurity alert warns of active attacks exploiting zero-day vulnerabilities in Cisco ASA and FTD software, attributed to a sophisticated, likely state-sponsored threat actor linked to previous ArcaneDoor campaigns. Two critical vulnerabilities (CVE-2025-20362 and C...
Read More » -
Cisco ASA Devices Face Surge in Network Scans
A significant surge in network scanning activity targeting Cisco ASA devices has been detected, with spikes in late August involving up to 25,000 unique IP addresses, suggesting potential vulnerability exploitation. The scanning was largely driven by a Brazilian botnet and focused heavily on the ...
Read More »