# Malware Targeting Pulse Secure Devices

**[us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices](https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices)**

An official website of the United States government Here's how you know

**Official websites use .gov**

A .gov website belongs to an official government organization in the United States.

**Secure .gov websites use HTTPS**

A lock ( **) or https:// means you've safely connected to the .gov website. Share sensitive**
information only on official, secure websites.

[CISA.gov](https://www.cisa.gov/) [Services](https://us-cert.cisa.gov/services) [Report](https://us-cert.cisa.gov/report)

As part of CISA’s [ongoing response to Pulse Secure compromises, CISA has analyzed 13](https://us-cert.cisa.gov/ncas/alerts/aa21-110a)
malware samples related to exploited Pulse Secure devices. CISA encourages users and
administrators to review the following 13 malware analysis reports (MARs) for threat actor
techniques, tactics, and procedures (TTPs) and indicators of compromise (IOCs) and to
review CISA’s Alert [Exploitation of Pulse Connect Secure Vulnerabilities for more](https://us-cert.cisa.gov/ncas/alerts/aa21-110a)
information.

MARS:

[This product is provided subject to this Notification and this](https://us-cert.cisa.gov/privacy/notification) [Privacy & Use policy.](https://www.dhs.gov/privacy-policy)

**Please share your thoughts.**

[We recently updated our anonymous product survey; we'd welcome your feedback.](https://www.surveymonkey.com/r/CISA-cyber-survey?product=https://us-cert.cisa.gov/ncas/current-activity/2021/07/21/malware-targeting-pulse-secure-devices)


-----