Malware Targeting Pulse Secure Devices

Original release date: July 21, 2021

As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports (MARs) for threat actor techniques, tactics, and procedures (TTPs) and indicators of compromise (IOCs) and to review CISA’s Alert Exploitation of Pulse Connect Secure Vulnerabilities for more information. 

MARS:

• MAR-10333209-1.v1: Pulse Connect Secure
• MAR-10333243-1.v1: Pulse Connect Secure
• MAR-10334057-1.v1: Pulse Connect Secure
• MAR-10334057-2.v1: Pulse Connect Secure
• MAR-10334587-1.v1: Pulse Connect Secure
• MAR-10334587-2.v1: Pulse Connect Secure
• MAR-10335467-1.v1: Pulse Connect Secure
• MAR-10336161-1.v1: Pulse Connect Secure
• MAR-10336935-1.v1: Pulse Connect Secure
• MAR-10337580-1.v1: Pulse Connect Secure
• MAR-10337580-2.v1: Pulse Connect Secure
• MAR-10338401-1.v1: Pulse Connect Secure
• MAR-10338868-1.v1: Pulse Connect Secure

Source link