"Firestarter was named after Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD), the two products the malware targeted."
"CISA said Firestarter was especially sophisticated in that it maintained persistent access to compromised networking devices even after they were updated, allowing attackers to re-enter victims' networks without needing to exploit any new vulnerabilities."
"Despite the perceived focus on government and critical national infrastructure, all organizations in the US and UK are advised to take preventative measures."
Firestarter is a backdoor malware that successfully targeted a US federal agency, identified by CISA. It specifically exploits Cisco Secure Firewall products. Although only one agency was confirmed affected, it is suspected to be part of a broader campaign against government and critical infrastructure networks. Firestarter is notable for its ability to maintain access even after device updates. Organizations are urged to implement preventative measures and report incidents to CISA and NCSC for intelligence purposes.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]