You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
network device malware
About this tag
The FIRESTARTER backdoor is a sophisticated malware targeting Cisco ASA and Firepower devices, demonstrating that patching alone is insufficient when attackers implant persistence before remediation. This network device malware can survive firmware updates, allowing adversaries to maintain access without re-exploiting the original vulnerability. Discovered alongside LINE VIPER during forensic investigations, it highlights the need for comprehensive security measures beyond patching. Discussions on WindowsForum emphasize the challenges defenders face when such malware establishes a foothold in network infrastructure, complicating cleanup and recovery efforts.
The FIRESTARTER backdoor is a reminder that patching vulnerable Cisco edge devices is only half the battle: if attackers implant persistence before remediation, they can survive firmware updates and return later without re-exploiting the original flaw. CISA and the U.K. NCSC say the malware was...