New Firestarter backdoor breaches US federal agency via Cisco firewalls

CISA and the UK NCSC revealed that a US federal agency was breached using a newly discovered backdoor called Firestarter, which targets Cisco ASA and FTD firewall devices. The malware is notable for maintaining persistent access even after software updates, suggesting a highly sophisticated and likely state-backed threat actor. Although only one federal agency was confirmed compromised, officials warn the campaign likely extends to broader government and critical infrastructure networks. The discovery follows earlier Cisco-related advisories and comes amid renewed warnings about China’s offensive cyber operations.

Read the full story on The Register →