Cybersecurity firm FireEye said it is tracking 12 malware families associated with the exploitation of Pulse Secure VPN devices.
Details: FireEye issued a report detailing the activities of the UNC2630 group against U.S. Defense Industrial Base networks and providing analysis and detection methods to identify a wide range of related malicious activity.
Federal Alerts: The Cybersecurity and Infrastructure Security Agency (CISA) and Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) separately issued directives on the vulnerabilities.
Background: The reports underscore the growth of malicious actors breaching institutions’ VPNs to install malware, spyware, ransomware, and other malicious apps.
More: ICBA offers prevention and risk mitigation resources on its Cyber and Data Security page.