By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
Viral Trending contentViral Trending content
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
Reading: Surge in networks scans targeting Cisco ASA devices raise concerns
Notification Show More
Viral Trending contentViral Trending content
  • Home
  • Categories
    • World News
    • Politics
    • Sports
    • Celebrity
    • Business
    • Crypto
    • Tech News
    • Gaming News
    • Travel
  • Bookmarks
© 2024 All Rights reserved | Powered by Viraltrendingcontent
Viral Trending content > Blog > Tech News > Surge in networks scans targeting Cisco ASA devices raise concerns
Tech News

Surge in networks scans targeting Cisco ASA devices raise concerns

By admin 3 Min Read
Share
SHARE

Large network scans have been  targeting Cisco ASA devices, prompting warnings from cybersecurity researchers that it could indicate an upcoming flaw in the products.

GreyNoise has recorded two significant scanning spikes in late August, with up to 25,000 unique IP addresses probing ASA login portals and also Cisco IOS Telnet/SSH.

The second wave, logged on August 26, 2025, was largely (80%) driven by a Brazilian botnet, using roughly 17,000 IPs. 

In both cases, the threat actors used overlapping Chrome-like user agents, suggesting a common origin.

GreyNoise
<em>Source: GreyNoise</em>

The scanning activity predominantly targeted the United States, while the UK and Germany were also targeted.

GreyNoise has previously explained that such reconnaissance activity precedes the disclosure of new vulnerabilities on the scanned products in 80% of cases.

Statistically, this correlation was weaker for Cisco, compared to other vendors, but information about such spikes can still be to helpful to defenders in enhancing their monitoring and proactive measures.

These scans are commonly failed exploitation attempts of already-patched bugs, but they can also be enumeration and mapping efforts in preparation for exploiting new flaws.

A separate report published earlier by system administrator ‘NadSec – Rat5ak’ reports overlapping activity that started on July 31 with low opportunistic scans that escalated in mid-August and culminated on August 28.

Rat5ak saw 200,000 hits on Cisco ASA endpoints within 20 hours, with a uniform 10k/IP traffic that appeared highly automated.

NadSec - Rat5ak
<em>Source: NadSec &#8211; Rat5ak</em>

The administrator reports that the activity came from three ASNs, namely Nybula, Cheapy-Host, and Global Connectivity Solutions LLP.

System administrators are advised to apply the latest security updates on Cisco ASA to patch known vulnerabilities, enforce multi-factor authentication (MFA) for all remote ASA logins, and avoid exposing /+CSCOE+/logon.html, WebVPN, Telnet, or SSH directly.

If external access is required, a VPN concentrator, reverse proxy, or access gateway should be used to enforce additional access controls.

Finally, use the scanning activity indicators shared in GreyNoise and Rat5ak’s reports to preemptively block these attempts, or use geo-blocking and rate limiting for regions far from your organization.

BleepingComputer has contacted Cisco for a comment on the observed activity, and we will update this post when we hear back from them.

Picus Blue Report 2025

46% of environments had passwords cracked, nearly doubling from 25% last year.

Get the Picus Blue Report 2025 now for a comprehensive look at more findings on prevention, detection, and data exfiltration trends.

You Might Also Like

Five SETU scientists listed among world’s top 2pc on Stanford list

7 Key Workflows for Maximum Impact

At a Conspiracy Conference in Rural Ireland, Charlie Kirk Was the Star

Samsung Project Moohan gets Rumoured Release Date

How Nothing OS Uses AI to Personalize Your Digital World

TAGGED: Cisco, Cisco ASA, Defense, Reconnaissance, Scanner, Vulnerability
Share This Article
Facebook Twitter Copy Link
Previous Article Should Ravens Feel Better Than Bills After Thriller? Greg Olsen Makes the Case
Next Article Save $60 on the DJI Mic Mini Kit—Price Drops to Just $109 Today
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

- Advertisement -
Ad image

Latest News

Five SETU scientists listed among world’s top 2pc on Stanford list
Tech News
Here’s why the US shutdown may prove more painful than past crises
Business
Black Ops 7 returns to Call of Duty's three-lane map design, and that's a good thing
Gaming News
7 Key Workflows for Maximum Impact
Tech News
Tesla vehicle sales made a comeback last quarter. Will a lost EV tax credit end the rebound?
Business
Thailand To Expand Crypto ETF Lineup Beyond Bitcoin In Early 2026 – Report
Crypto
At a Conspiracy Conference in Rural Ireland, Charlie Kirk Was the Star
Tech News

About Us

Welcome to Viraltrendingcontent, your go-to source for the latest updates on world news, politics, sports, celebrity, tech, travel, gaming, crypto news, and business news. We are dedicated to providing you with accurate, timely, and engaging content from around the globe.

Quick Links

  • Home
  • World News
  • Politics
  • Celebrity
  • Business
  • Home
  • World News
  • Politics
  • Sports
  • Celebrity
  • Business
  • Crypto
  • Gaming News
  • Tech News
  • Travel
  • Sports
  • Crypto
  • Tech News
  • Gaming News
  • Travel

Trending News

cageside seats

Unlocking the Ultimate WWE Experience: Cageside Seats News 2024

Five SETU scientists listed among world’s top 2pc on Stanford list

Investing £5 a day could help me build a second income of £329 a month!

cageside seats
Unlocking the Ultimate WWE Experience: Cageside Seats News 2024
May 22, 2024
Five SETU scientists listed among world’s top 2pc on Stanford list
October 3, 2025
Investing £5 a day could help me build a second income of £329 a month!
March 27, 2024
Brussels unveils plans for a European Degree but struggles to explain why
March 27, 2024
© 2024 All Rights reserved | Powered by Vraltrendingcontent
  • About Us
  • Contact US
  • Disclaimer
  • Privacy Policy
  • Terms of Service
Welcome Back!

Sign in to your account

Lost your password?