all InfoSec news
UNC5221: Unreported and Undetected WIREFIRE Web Shell Variant
Malware Analysis, News and Indicators - Latest topics malware.news
<div>
<div>
<div>
<div><p><strong>QuoIntelligence uncovers a previously unreported and undetected variant of the WIREFIRE web shell, a Python-based implant found in Ivanti Connect Secure (ICS) VPN compromised appliances.</strong></p></div>
</div><div>
<img alt="QuoIntelligence Blog - Fake Handelsregister Invoices" height="1260" src="https://quointelligence.eu/wp-content/uploads/2024/01/Breaking-News-UN-5223.png" title="Breaking News- UN 5223" width="2240" />
</div><div><div></div></div><div>
<div><h2>Introduction</h2>
In mid-December, security researchers from Mandiant and Volexity identified multiple web shells hidden by an unknown threat actor on internal and external-facing web applications, a global exploitation and intrusion attempt against Ivanti Connect Secure …
actor compromised connect december found hidden ics implant internal introduction ivanti ivanti connect secure mandiant python researchers security security researchers shell shells threat threat actor undetected volexity vpn web web shell web shells