A US federal agency was successfully targeted by a previously unknown backdoor malware called Firestarter, according to CISA cybersnoops and their UK counterparts – neither of which disclosed the agency’s name.
Federal Civilian Executive Branch (FCEB) agencies include NASA; Homeland Security itself (cyberworkers at CISA are part of an operational unit in Homeland Security); the FBI; the DoJ; the IRS; the Department of Veteran Affairs; the Department of Health and Human Services (HHS); and more. Described as a backdoor with remote access capabilities, Firestarter was named after Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD), the two products the malware targeted.
Read more…
Source: The Register News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Cisco Critical Flaw Patched in WAN Software Solution
August 19, 2020
Cisco patched a critical flaw in its wide area network (WAN) software solution for enterprises, which if exploited could give remote, unauthenticated attackers administrator privileges. The flaw exists in Cisco Virtual Wide Area Application Services (vWAAS), which is software that Cisco describes as a “WAN optimization solution.” It helps manage business applications that are being leveraged ...
- Researchers Warn of Flaw Affecting Millions of IoT Devices
August 19, 2020
Researchers are urging connected-device manufacturers to ensure they have applied patches addressing a flaw in a module used by millions of Internet-of-Things (IoT) devices. If exploited, researchers speculated that the flaw could allow attackers to knock out a city’s electricity or even overdose a medical patient. The vulnerability exists in a widely used Cinterion module, a ...
- ‘EmoCrash’ Exploit Stoppered Emotet For 6 Months
August 17, 2020
A researcher was able to exploit a vulnerability in Emotet – effectively causing the infamous malware to crash and preventing it from infecting systems for six months. Emotet, which first emerged in 2014 and has since then evolved into a full fledged botnet that’s designed to steal account credentials and download further malware, mysteriously disappeared from ...
- How Unsecure gRPC Implementations Can Compromise APIs, Applications
August 17, 2020
Enterprises are turning to microservice architecture to build future-facing applications. Microservices allow enterprises to efficiently manage infrastructure, easily deploy updates or improvements, and help IT teams innovate, fail, and learn faster. It also allows enterprises to craft applications that can easily scale with demand. Additionally, as enterprises switch architectures — jumping from the traditional monolithic to ...
- Patch List: Adobe, Citrix, Intel, and vBulletin Vulns
August 14, 2020
Vulnerabilities expose enterprises’ systems to compromise. Now that many employees are working from home and operating devices outside the more secure office environments, the need to patch vulnerabilities as soon as they are discovered has become even more pressing. Aside from Microsoft, the following vendors also released patches recently: Adobe, Citrix, Intel, and vBulletin. We rounded ...
- XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits
August 13, 2020
Trend Micro has discovered an unusual infection related to Xcode developer projects. Upon further investigation, we discovered that a developer’s Xcode project at large contained the source malware, which leads to a rabbit hole of malicious payloads. Most notable in our investigation is the discovery of two zero-day exploits: one is used to steal cookies ...