As part of CISA’s ongoing response to Pulse Secure compromises, CISA has analyzed 13 malware samples related to exploited Pulse Secure devices. CISA encourages users and administrators to review the following 13 malware analysis reports (MARs) for threat actor techniques, tactics, and procedures (TTPs) and indicators of compromise (IOCs) and to review CISA’s Alert Exploitation of Pulse Connect Secure Vulnerabilities for more information.
MARS:
- MAR-10333209-1.v1: Pulse Connect Secure
- MAR-10333243-1.v1: Pulse Connect Secure
- MAR-10334057-1.v1: Pulse Connect Secure
- MAR-10334057-2.v1: Pulse Connect Secure
- MAR-10334587-1.v1: Pulse Connect Secure
- MAR-10334587-2.v1: Pulse Connect Secure
- MAR-10335467-1.v1: Pulse Connect Secure
- MAR-10336161-1.v1: Pulse Connect Secure
- MAR-10336935-1.v1: Pulse Connect Secure
- MAR-10337580-1.v1: Pulse Connect Secure
- MAR-10337580-2.v1: Pulse Connect Secure
- MAR-10338401-1.v1: Pulse Connect Secure
- MAR-10338868-1.v1: Pulse Connect Secure
This product is provided subject to this Notification and this Privacy & Use policy.