CISA warns of stealthy malware found on Pulse Secure devices

silversurfer

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released an alert today about more than a dozen malware samples found on exploited Pulse Secure devices that are largely undetected by antivirus products.

Since at least June 2020, Pulse Secure devices at U.S. government agencies, critical infrastructure entities, and various private sector organizations have been the target of attacks from threat actors.

Adversaries leveraged multiple vulnerabilities (CVE-2019-11510, CVE-2020-8260, CVE-2020-8243, CVE-2021-2289) for initial entry and placed webshells for backdoor access.

Today, CISA published analysis reports for 13 malware pieces, some of them comprised of multiple files, found on compromised Pulse Secure devices. Administrators are strongly encouraged to review the reports for indicators of compromise and to learn about the threat actor’s tactics, techniques, and procedures (TTPs).

All the files that CISA analyzed were found on compromised Pulse Connect Secure devices and some of them were modified versions of legitimate Pulse Secure scripts.

In most cases, the malicious files were webshells for activating and running remote commands for persistence and remote access, but utilities were also present. [...]
 
