Techly NewsGet the app

Get the latest tech news

ArcaneDoor – New campaign found targeting network devices


ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns.

As a critical path for data into and out of the network, these devices need to be routinely and promptly patched; using up-to-date hardware and software versions and configurations; and be closely monitored from a security perspective. The attackers were able to leverage this vulnerability to cause the target ASA device to reboot, triggering the unzipping and installing the second component of the threat actor’s malware implant, Line Runner. Our attribution assessment is based on the victimology, the significant level of tradecraft employed in terms of capability development and anti-forensic measures, and the identification and subsequent chaining together of 0-day vulnerabilities.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of arcanedoor

arcanedoor

Photo of focused campaign

focused campaign

Photo of New espionage

New espionage

Related news:

News photo

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls To Access Government Networks

News photo

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

« $5.6 Million in Refunds Sent to Ring Customers, Settling Unauthorized Access and Privacy Violations
Google asks court to reject the DOJ’s lawsuit that accuses it of monopolizing ad tech »