Threat actors have exploited recent Cisco firewall vulnerabilities as zero-days to deploy sophisticated malware families like RayInitiator and LINE VIPER. These attacks, linked to the China-associated group UAT4356, target end-of-life ASA devices and employ advanced evasion techniques to avoid detection.
Key points
- Threat actors exploited zero-day vulnerabilities in Cisco ASA devices for malware deployment.
- The malware families RayInitiator and LINE VIPER demonstrate increased sophistication and evasion capabilities.
- The campaign is associated with the threat group UAT4356, suspected to be China-linked.
- Devices with end-of-support status or lacking Secure Boot are particularly vulnerable.
- Cisco addressed multiple critical vulnerabilities, urging organizations to update their systems promptly.
Read More: https://thehackernews.com/2025/09/cisco-asa-firewall-zero-day-exploits.html