CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure
CISA has published a Malware Analysis Report (MAR) with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA[1] malware variant, including surviving reboots; however, RESURGE contains distinctive commands that alter its behavior. These commands: Create a web shell, manipulate integrity checks, and modify files. Enable the use of web shells for credential harvesting, account creation, password resets, and escalating permissions. Copy the web…
Read More
