CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog
Security Affairs
APRIL 25, 2024
Cisco Talos researchers tracked this cyber-espionage campaign as ArcaneDoor. It exploits a legacy capability related to VPN client pre-loading, triggering at boot by searching for a specific file pattern on disk0: Upon detection, it unzips and executes a Lua script, providing persistent HTTP-based backdoor access.
Let's personalize your content