CISA has released Emergency Cisco Directive 25-03 Implementation Guidance to assist federal agencies in addressing critical vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.
Emergency Directive 25-03: Identify and Mitigate Potential Compromise of Cisco Devices, issued on Sept. 25, identified known vulnerabilities CVE-2025-20333 and CVE-2025-20362, and mandated immediate action to mitigate risks. Threat actors continue to target these devices, posing significant risk to all organizations. The implementation guidance provides information on the minimum software versions that address these vulnerabilities and direct federal agencies to conduct corrective patching measures on devices that are not compliant with these requirements.
Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Ryuk Ransomware Gang Uses Zerologon Bug for Lightning-Fast Attack
October 19, 2020
The Ryuk threat actors have struck again, moving from sending a phishing email to complete encryption across the victim’s network in just five hours. That breakneck speed is partially the result of the gang using the Zerologon privilege-escalation bug (CVE-2020-1472), less than two hours after the initial phish, researchers said. The Zerologon vulnerability allows an unauthenticated attacker ...
- US charges Russian hackers behind NotPetya, KillDisk, OlympicDestroyer attacks
October 19, 2020
The US Department of Justice has unsealed charges today against six Russian nationals believed to be members of one of Russia’s elite hacking and cyberwar units — known as Sandworm. In court documents today, US officials said all six suspects are officers in Unit 74455 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency ...
- Google says it mitigated a 2.54 Tbps DDoS attack in 2017, largest known to date
October 16, 2020
The Google Cloud team revealed today a previously undisclosed DDoS attack that targeted Google service back in September 2017 and which clocked at 2.54 Tbps, making it the largest DDoS attack recorded to date. Damian Menscher, a Security Reliability Engineer for Google Cloud, said the 2.54 Tbps peak was “the culmination of a six-month campaign” that ...
- 800,000 SonicWall VPNs vulnerable to new remote code execution bug
October 16, 2020
Almost 800,000 internet-accessible SonicWall VPN appliances will need to be updated and patched for a major new vulnerability that was disclosed on Wednesday. Discovered by the Tripwire VERT security team, CVE-2020-5135 impacts SonicOS, the operating system running on SonicWall Network Security Appliance (NSA) devices. SonicWall NSAs are used as firewalls and SSL VPN portals to filter, control, ...
- IAmTheKing and the SlothfulMedia malware family
October 15, 2020
On October 1, 2020, the DHS CISA agency released information about a malware family called SlothfulMedia, which they attribute to a sophisticated threat actor. We have been tracking this set of activity through our private reporting service, and we would like to provide the community with additional context. In June 2018, we published the first report ...
- Iranian state hacker group linked to ransomware deployments
October 15, 2020
Security researchers said they found clues linking recent attacks with the Thanos ransomware to a group of Iranian state-sponsored hackers. While investigating security incidents at several Israeli prominent organizations, security researchers from ClearSky and Profero said they linked the intrusions to MuddyWater, a known Iranian state-sponsored hacking group. The intrusions followed similar patterns, with two tactics being ...