Cybersecurity Agency Warns of Active Exploitation of Cisco Firewall Flaws
13 Nov
Summary
- CISA tracking active exploitation of Cisco firewall vulnerabilities since September
- Some federal agencies still vulnerable despite patch directive
- CBO hacked, suspected foreign hackers stole emails and chat logs

According to a recent advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), federal government departments are not sufficiently patching their systems to protect against an ongoing hacking campaign targeting Cisco firewalls. CISA stated that it has been "tracking active exploitation" of two security vulnerabilities in Cisco's Adaptive Security Appliance (ASA) software since September.
The agency issued an emergency directive ordering agencies to patch their affected systems, but some departments remain vulnerable to the threats outlined in the directive. While CISA did not disclose which government agencies had been compromised, it urged all organizations using the impacted Cisco devices to update to the latest patch version to avoid exploitation.
In a related incident, the Congressional Budget Office (CBO) confirmed last week that it had been hacked, allowing suspected foreign actors to steal the agency's emails and chat logs between lawmakers' offices and CBO researchers. Security researcher Kevin Beaumont found that the CBO had an affected Cisco firewall that had not been patched prior to the U.S. government shutdown on October 1, which may have contributed to the breach.



