Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory on a new malware variant named RESURGE that exploits an Ivanti vulnerability (CVE-2025-0282). The malware can modify files, manipulate integrity checks, and create a web shell, and it also carries features of an earlier variant called SPAWNCHIMERA. CISA has provided hash values, YARA detection rules, and recommended security measures to mitigate the threat.
Affected: Ivanti Connect Secure devices
Key points:
- RESURGE malware creates a Secure Shell (SSH) tunnel for command and control.
- New capabilities include file modification, manipulation of integrity checks, and web shell creation.
- CISA provided file hashes and recommendations for improving security practices.
Source: https://thecyberexpress.com/cisa-details-new-resurge-malware/