VERY IMPORTANT

The US Department of Homeland Security (CISA) has issued a security bulletin, based on the Traffic Light Protocol (TLP), which allows information to be accessed via a secure, secure website. CISA received five files for analysis. Two files are Perl scripts that execute the attacker's commands stored in the environment variable; one file is a Perl library that provides functions to an installer; one file is a Perl script that creates a table and that table's first record; and one file is a shell script that manipulates the '/bin/umount' file and executes it. This analysis is derived from malicious files found on Pulse Connect Secure devices.