CISA warns that RESURGE malware can be dormant on Ivanti devices
Summary
CISA has released information regarding RESURGE malware, used in conjunction with the CVE-2024-1709 exploit, targeting Ivanti Connect Secure devices. RESURGE is a malicious implant that can remain dormant on compromised systems.
IFF Assessment
FOE
The RESURGE malware poses a significant threat to Ivanti Connect Secure devices, requiring defenders to take action to detect and remediate compromised systems.
Severity
9.0
Critical
Defender Context
Defenders need to be aware of the RESURGE malware and its association with Ivanti Connect Secure vulnerabilities. Monitoring for signs of compromise, applying patches promptly, and implementing robust security measures are crucial. This highlights the ongoing need for vigilance against zero-day exploits and sophisticated implants.