Cisco urges immediate software upgrade after state-sponsored attack
Cisco has urged its customers to upgrade their software after disclosing that state-sponsored hackers have compromised some of its security devices.
In a blog post, the company said hackers exploited previously undetected vulnerabilities in its Adaptive Security Appliances, a product that combines multiple cybersecurity functions.
The threat actor, termed UAT4356, deployed two backdoors, which were used to conduct malicious actions, including configuration modification, reconnaissance, network traffic capture/exfiltration, and potentially lateral movement. “This actor utilized bespoke tooling that demonstrated a clear focus on espionage and an in-depth knowledge of the devices that they targeted, hallmarks of a sophisticated state-sponsored actor,” the company said in the post.