Chinese hackers scanning, exploiting Cisco ASA firewalls used by governments worldwide
China-based hackers are scanning for and exploiting a popular line of Cisco firewalls used by governments in the U.S., Europe and Asia.
Incident responders from Palo Alto Networks’ Unit 42 have been tracking the targeting of Cisco Adaptive Security Appliances (ASA) — popular devices used by governments and large businesses to consolidate several different security tasks into a single appliance. In addition to acting as firewalls, the appliances also prevent some intrusions, handle spam, conduct antivirus checks and more.
In a report shared with Recorded Future News, Unit 42 attributed the targeting of Cisco ASA devices to Storm-1849 — a China-based threat group that Cisco previously said has been attacking the tools since 2024.
Read more at The Record