CISA has released Emergency Cisco Directive 25-03 Implementation Guidance to assist federal agencies in addressing critical vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices, issued on Sept. 25, identified known vulnerabilities CVE-2025-20333 and CVE-2025-20362, and mandated immediate action to mitigate risks. Threat actors continue to target these devices, posing significant risk to all organizations. The implementation guidance provides information on the minimum software versions that address these vulnerabilities and direct federal agencies to conduct corrective patching measures on devices that are not compliant with these requirements.
Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Airports, Student Aid Services Struck by Indonesian Cyber Attack
June 28, 2024
Indonesia’s parliament called the government to task over another cyber attack that led to airport and scholarship services being put out of service. The ransomware attack that affected hundreds of ministries and public institutions was “catastrophic,” said lawmaker Tubagus Hasanuddin in a Thursday evening hearing with the communications minister and the head of state cybersecurity agency. ...
- Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz
June 27, 2024
On Tuesday, June 18th, 2024, Rapid7 initiated an investigation into suspicious activity in a customer environment. Their investigation identified that the suspicious behavior was emanating from the installation of Notezilla, a program that allows for the creation of sticky notes on a Windows desktop. Installers for Notezilla, along with tools called RecentX and Copywhiz, are distributed ...
- Critical Vulnerability in Fortra FileCatalyst Workflow
June 27, 2024
Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...
- MerkSpy: Exploiting CVE-2021-40444 to Infiltrate Systems
June 27, 2024
Spyware is malicious software engineered to covertly monitor and gather information from a user’s computer without their awareness or consent. It can record activities like keystrokes, browsing behavior, and personal information, often transmitting this data to a third party for espionage or theft. FortiGuard Labs recently detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office. ...
- New Orcinius Trojan Uses VBA Stomping to Mask Infection
June 27, 2024
This week, the SonicWall Capture Labs threat research team investigated a sample of Orcinius malware. This is a multi-stage trojan that is using Dropbox and Google Docs to download second-stage payloads and stay updated. It contains an obfuscated VBA macro that hooks into Windows to monitor running windows and keystrokes and creates persistence using registry keys. Read ...
- Critical Vulnerability in Fortra FileCatalyst Workflow
June 27, 2024
Fortra has released a security update addressing a critical vulnerability found in FileCatalyst Workflow. FileCatalyst is an accelerated file transfer software solution that allows the transfer of large files over remote networks. CVE-2024-5276 is an SQL Injection vulnerability with a CVSSv3 score of 9.8 (critical), which if exploited could allow an unauthenticated attacker to modify or ...

