A US federal agency was successfully targeted by a previously unknown backdoor malware called Firestarter, according to CISA cybersnoops and their UK counterparts – neither of which disclosed the agency’s name.
Federal Civilian Executive Branch (FCEB) agencies include NASA; Homeland Security itself (cyberworkers at CISA are part of an operational unit in Homeland Security); the FBI; the DoJ; the IRS; the Department of Veteran Affairs; the Department of Health and Human Services (HHS); and more. Described as a backdoor with remote access capabilities, Firestarter was named after Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD), the two products the malware targeted.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Leaked Private & BootGuard Keys in MSI Cyber Attack Pose Threat to PC Security
May 8, 2023
Following a recent cyber attack on MSI’s systems, hackers managed to obtain private keys and Intel BootGuard Keys, according to a warning from respected security firm Binarly. These keys are essential for maintaining the security of a company’s devices and firmware, and the leak could result in severe security compromises. Binarly’s CEO, Alex Matrosov, disclosed on ...
- Dump these insecure phone adapters because we’re not fixing them, says Cisco
May 5, 2023
There is a critical security flaw in a Cisco phone adapter, and the business technology giant says the only step to take is dumping the hardware and migrating to new kit. In an advisory, Cisco this week warned about the vulnerability in the SPA112 2-Port Adapter that, if exploited, could allow a remote attacker to essentially ...
- CISA Releases One Industrial Control Systems Advisory
May 4, 2023
CISA released one Industrial Control Systems (ICS) advisory on May 4, 2023.This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases One Industrial Control Systems ...
- CISA Adds Three Known Exploited Vulnerabilities to Catalog
May 1, 2023
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-1389 TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046 Apache Log4j2 Deserialization of Untrusted Data Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans Related story: CISA Releases ...
- CISA Releases One Industrial Control Systems Medical Advisory
April 27, 2023
CISA released one Industrial Control Systems Medical (ICS) medical advisory on April 27, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS medical advisory for technical details and mitigations Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Releases ...
- Microsoft is busy rewriting core Windows code in memory-safe Rust
April 27, 2023
Microsoft is rewriting core Windows libraries in the Rust programming language, and the more memory-safe code is already reaching developers. David “dwizzle” Weston, director of OS security for Windows, announced the arrival of Rust in the operating system’s kernel at BlueHat IL 2023 in Tel Aviv, Israel, last month. Read more… Source: The Register