CISA warns of stealthy malware found on Pulse Secure devices

silversurfer

silversurfer

Super Moderator
Thread author
Verified
Top Poster
Staff Member
Malware Hunter
Aug 17, 2014
11,111
Content source
https://www.bleepingcomputer.com/news/security/cisa-warns-of-stealthy-malware-found-on-hacked-pulse-secure-devices/
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products.

Since at least June 2020, Pulse Secure devices at U.S. government agencies, critical infrastructure entities, and various private sector organizations have been the target of attacks from threat actors.

Adversaries leveraged multiple vulnerabilities (CVE-2019-11510, CVE-2020-8260, CVE-2020-8243, CVE-2021-2289) for initial entry and placed webshells for backdoor access.
Click to expand...
Today, CISA published analysis reports for 13 malware pieces, some of them comprised of multiple files, found on compromised Pulse Secure devices. Administrators are strongly encouraged to review the reports for indicators of compromise and to learn about the threat actor’s tactics, techniques, and procedures (TTPs).

All the files that CISA analyzed were found on compromised Pulse Connect Secure devices and some of them were modified versions of legitimate Pulse Secure scripts.

In most cases, the malicious files were webshells for activating and running remote commands for persistence and remote access, but utilities were also present. [...]
Click to expand...
www.bleepingcomputer.com

CISA warns of stealthy malware found on hacked Pulse Secure devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products.
www.bleepingcomputer.com www.bleepingcomputer.com
 
  • Like
  • Applause
  • +Reputation
Reactions: Venustus, CyberTech, Yanick and 6 others
You must log in or register to reply here.

Similar threads

silversurfer
    • Like
    • +Reputation
CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability
Replies
0
Views
1,364
News Archive
silversurfer
silversurfer
Gandalf_The_Grey
    • Like
    • +Reputation
Security News CISA warns of actively exploited Linux privilege elevation flaw
Replies
0
Views
1,998
Security News
Gandalf_The_Grey
Gandalf_The_Grey
upnorth
    • Like
    • +Reputation
    • Applause
Nearly 4,500 Pulse Connect Secure VPNs Left Unpatched and Vulnerable
Replies
0
Views
569
News Archive
upnorth
upnorth

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top