You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cisco firepower
About this tag
The cisco firepower tag covers discussions about security threats targeting Cisco Firepower devices, particularly the FIRESTARTER backdoor malware. This persistence layer can survive firmware updates and patching on Cisco ASA and FTD software, allowing advanced threat actors to maintain access after initial compromise. CISA and the U.K. NCSC have observed active implants in the wild, making this a critical operational security concern for organizations using Cisco Firepower appliances. The tag focuses on the unique challenge of post-patching footholds that require more than standard remediation.
The FIRESTARTER backdoor is a reminder that patching vulnerable Cisco edge devices is only half the battle: if attackers implant persistence before remediation, they can survive firmware updates and return later without re-exploiting the original flaw. CISA and the U.K. NCSC say the malware was...
FIRESTARTER is not just another firewall implant; it is a persistence layer that turns a compromised Cisco edge device into something much harder to clean than a simple rebooted box. CISA and the U.K. NCSC say the malware is being used by advanced threat actors to maintain access on publicly...