Trichome

thcscience_admin
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
link correct NCSC
Tag: 2017 wikitext editor
fix cite
Tag: 2017 wikitext editor
Line 6: Line 6:
'''ArcaneDoor''' is a cybercrime/cyberwarfare campaign involving state actors that targets network edge devices.<ref>{{Cite web |date=2024-04-24 |title=ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices |url=https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/ |access-date=2024-04-28 |website=Cisco Talos Blog |language=en}}</ref> It has exploited a number of [[Zero-day vulnerability|zero-day vulnerabilities]] in Cisco devices.<ref name=BleepingComputer>{{Cite web |title=ArcaneDoor hackers exploit Cisco zero-days to breach govt networks |url=https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ |access-date=2024-04-28 |website=BleepingComputer |language=en-us}}</ref>
'''ArcaneDoor''' is a cybercrime/cyberwarfare campaign involving state actors that targets network edge devices.<ref>{{Cite web |date=2024-04-24 |title=ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices |url=https://blog.talosintelligence.com/arcanedoor-new-espionage-focused-campaign-found-targeting-perimeter-network-devices/ |access-date=2024-04-28 |website=Cisco Talos Blog |language=en}}</ref> It has exploited a number of [[Zero-day vulnerability|zero-day vulnerabilities]] in Cisco devices.<ref name=BleepingComputer>{{Cite web |title=ArcaneDoor hackers exploit Cisco zero-days to breach govt networks |url=https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ |access-date=2024-04-28 |website=BleepingComputer |language=en-us}}</ref>


It implants two [[Dropper (malware)|malware tippers]], ''Line Runner'' and ''Line Dancer'', that target [[Cisco Adaptive Security Appliance]]s and [[Firepower Threat Defense]] devices.<ref name=BleepingComputer/><ref>{{Cite web |date=24 April 2024 |title=Malware Tipper: Line Runner|url=https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/line/ncsc-tip-line-runner.pdf |access-date=2024-04-28 |website=[[National Cyber Security Centre (United Kingdom)|]]}}</ref><ref>{{Cite web |date=24 April 2024 |title=Malware Tipper: Line Dancer |url=https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/line/ncsc-tip-line-dancer.pdf |access-date=2024-04-28 |website=[[National Cyber Security Centre (United Kingdom)|]]}}</ref><ref>{{Cite web |title=Cisco zero-day flaws in ASA, FTD software under attack {{!}} TechTarget |url=https://www.techtarget.com/searchsecurity/news/366582137/Cisco-zero-day-flaws-in-ASA-FTD-software-under-attack |access-date=2024-04-28 |website=Security |language=en}}</ref>
It implants two [[Dropper (malware)|malware tippers]], ''Line Runner'' and ''Line Dancer'', that target [[Cisco Adaptive Security Appliance]]s and [[Firepower Threat Defense]] devices.<ref name=BleepingComputer/><ref>{{Cite web |date=24 April 2024 |title=Malware Tipper: Line Runner|url=https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/line/ncsc-tip-line-runner.pdf |access-date=2024-04-28 |website=[[National Cyber Security Centre (United Kingdom)|]]}}</ref><ref>{{Cite web |date=24 April 2024 |title=Malware Tipper: Line Dancer |url=https://www.ncsc.gov.uk/static-assets/documents/malware-analysis-reports/line/ncsc-tip-line-dancer.pdf |access-date=2024-04-28 |website=[[National Cyber Security Centre (United Kingdom)|]]}}</ref><ref>{{Cite web |title=Cisco zero-day flaws in ASA, FTD software under attack |url=https://www.techtarget.com/searchsecurity/news/366582137/Cisco-zero-day-flaws-in-ASA-FTD-software-under-attack |access-date=2024-04-28 |website=TechTarget |language=en}}</ref>


== References ==
== References ==

Revision as of 11:17, 28 April 2024

ArcaneDoor is a cybercrime/cyberwarfare campaign involving state actors that targets network edge devices.[1] It has exploited a number of zero-day vulnerabilities in Cisco devices.[2]

It implants two malware tippers, Line Runner and Line Dancer, that target Cisco Adaptive Security Appliances and Firepower Threat Defense devices.[2][3][4][5]

References

  1. ^ "ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices". Cisco Talos Blog. 2024-04-24. Retrieved 2024-04-28.
  2. ^ a b "ArcaneDoor hackers exploit Cisco zero-days to breach govt networks". BleepingComputer. Retrieved 2024-04-28.
  3. ^ "Malware Tipper: Line Runner" (PDF). [[National Cyber Security Centre (United Kingdom)|]]. 24 April 2024. Retrieved 2024-04-28.
  4. ^ "Malware Tipper: Line Dancer" (PDF). [[National Cyber Security Centre (United Kingdom)|]]. 24 April 2024. Retrieved 2024-04-28.
  5. ^ "Cisco zero-day flaws in ASA, FTD software under attack". TechTarget. Retrieved 2024-04-28.


Template:Cybercrime-stub

source: https://en.wikipedia.org/w/index.php?title=Draft:ArcaneDoor&curid=76757350&diff=1221185499&oldid=1221184239

Leave a Reply