Common Information
| Type | Value |
|---|---|
| Value |
ArcaneDoor |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | ArcaneDoor is a campaign that is the latest example of state-sponsored actors targeting perimeter network devices from multiple vendors. Coveted by these actors, perimeter network devices are the perfect intrusion point for espionage-focused campaigns. As a critical path for data into and out of the network, these devices need to be routinely and promptly patched; using up-to-date hardware and software versions and configurations; and be closely monitored from a security perspective. Gaining a foothold on these devices allows an actor to directly pivot into an organization, reroute or modify traffic and monitor network communications. In the past two years, we have seen a dramatic and sustained increase in the targeting of these devices in areas such as telecommunications providers and energy sector organizations — critical infrastructure entities that are likely strategic targets of interest for many foreign governments. |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2024-09-06 | 0 | The 2024 Threat Landscape State of Play | ||
| Details | Website | 2024-09-06 | 0 | The 2024 Threat Landscape State of Play | ||
| Details | Website | 2024-09-05 | 3 | Cisco Warns of Critical Vulnerabilities in Smart Licensing Utility | ||
| Details | Website | 2024-04-25 | 3 | Cisco shuts ‘ArcaneDoor’ on exploitation of firewall zero days |