{"id":192414,"date":"2026-03-03T13:08:00","date_gmt":"2026-03-03T18:08:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/03\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/"},"modified":"2026-03-03T13:30:14","modified_gmt":"2026-03-03T18:30:14","slug":"cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/03\/03\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/","title":{"rendered":"CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat"},"content":{"rendered":"<p><a href=\"https:\/\/www.hstoday.us\/subject-matter-areas\/cybersecurity\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/\">CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat<\/a><\/p>\n<p><a href=\"https:\/\/www.hstoday.us\/subject-matter-areas\/cybersecurity\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/\">https:\/\/www.hstoday.us\/subject-matter-areas\/cybersecurity\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-03-03 13:08:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.hstoday.us\">www.hstoday.us<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\nThe Cybersecurity and Infrastructure Security Agency has released an updated Malware Analysis Report\u00a0(MAR) revealing new findings on RESURGE, a highly sophisticated malware implant that exploits vulnerabilities to gain covert Secure Shell (SSH)\u2013based command\u2011and\u2011control access. The updated analysis provides network defenders with deeper technical insights and improved detection resources, while issuing a clear warning: RESURGE is engineered to persist silently on compromised systems, remaining dormant until a remote actor connects. This stealth capability enables the malware to evade routine scans and monitoring\u2014meaning RESURGE may still be present and undetected on Ivanti Connect Secure devices, posing an active and ongoing threat to affected networks.<br \/>\n\u201cAs America\u2019s cyber defense agency, the Cybersecurity and Infrastructure Security Agency remains fully committed to safeguarding the nation\u2019s critical infrastructure, even during the ongoing multi\u2011week shutdown of the Department of Homeland Security,\u201d said\u00a0CISA Acting Director Dr. Madhu Gottumukkala. \u201cThe vulnerabilities detailed in this updated Malware Analysis Report pose real risks to people, property, and essential systems. Given the ease with which these vulnerabilities can be exploited through sophisticated network-level evasion, we determined it was imperative to provide network defenders with enhanced insights to respond faster to the RESURGE malware.\u201d<br \/>\nThe\u00a0original MAR\u00a0released on March 28, 2025, highlighted RESURGE\u2019s ability to modify files, manipulate integrity checks and deploy a web shell to the Ivanti boot disk. CISA\u2019s updated analysis shows that RESURGE has sophisticated network-level evasion and authentication techniques, leveraging advanced cryptographic methods and forged Transport Layer Security (TLS) certificates to facilitate covert communications.<br \/>\n\u201cBy expanding on the technical details in the original Malware Analysis Report (MAR) on RESURGE, we are equipping network defenders with a deeper, more complete understanding of this malware\u2014along with the tools they need to identify, mitigate, and respond effectively,\u201d\u00a0said Nick Andersen, CISA Executive Assistant Director for Cybersecurity.\u00a0\u201cOur updated analysis shows that RESURGE can remain dormant and undetected on Ivanti Connect Secure devices, meaning the threat is very much active.\u201d<br \/>\nCISA encourages organizations to use the indicators of compromise (IOCs) and detection signatures to\u00a0identify\u00a0RESURGE and implement the actions in\u00a0CISA Mitigation Instruction for CVE-2025-0282\u00a0in addition to the update released today.<br \/>\nThe original announcement can be found here.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA Issues Updated RESURGE Malware Analysis Highlighting a Stealthy but Active Threat https:\/\/www.hstoday.us\/subject-matter-areas\/cybersecurity\/cisa-issues-updated-resurge-malware-analysis-highlighting-a-stealthy-but-active-threat\/ Publish Date:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":192415,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.hstoday.us\/wp-content\/uploads\/2018\/03\/malware.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,32],"class_list":["post-192414","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-malware"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192414"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=192414"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192414\/revisions"}],"predecessor-version":[{"id":192416,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/192414\/revisions\/192416"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/192415"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=192414"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=192414"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=192414"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}