Skip to content
Threat Feed

Tag

Cisco-Asa

5 briefs RSS
medium advisory

Cisco ASA - New Local User Account Creation

Detection of new user account creations on Cisco ASA devices, potentially indicating unauthorized access or persistence attempts by adversaries.

Cisco ASA cisco-asa account-creation persistence
2r 2t
medium advisory

Cisco ASA Logging Message Suppression

Adversaries may suppress specific log message IDs on Cisco ASA devices using the 'no logging message' command to selectively disable logging of security-critical events and evade detection.

Cisco ASA cisco-asa logging defense-evasion network
2r 2t
high advisory

Cisco ASA User Privilege Level Change Detection

Detection of unauthorized privilege level changes on Cisco ASA devices, potentially indicating privilege escalation or persistence attempts by threat actors.

Cisco ASA cisco-asa privilege-escalation persistence network
2r 2t
high advisory

Cisco ASA Device File Copy to Remote Location

The analytic detects file copy operations from Cisco ASA devices to remote locations using protocols like TFTP, FTP, HTTP, HTTPS, SMB, or SCP, potentially indicating data exfiltration by threat actors targeting network devices.

Cisco ASA cisco-asa data-exfiltration network-device
2r 3t
high advisory

Cisco ASA AAA Policy Tampering

Unauthorized modifications to Cisco ASA AAA policies via CLI or ASDM can weaken authentication mechanisms, potentially enabling brute-force attacks, privilege escalation, and persistent access by malicious actors.

Cisco Adaptive Security Appliance cisco-asa aaa-policy privilege-escalation persistence
2r 3t