Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

May 24, 2024 at 12:51PM MITRE Corporation disclosed a cyber attack on a not-for-profit company in late December 2023, revealing details of the attack involving rogue virtual machines created within the VMware environment. The attack, attributed to a China-linked threat actor, exploited Ivanti Connect Secure flaws and highlights the need for organizations to remain vigilant … Read more

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

May 7, 2024 at 05:56PM The MITRE Corporation was targeted by China-linked hackers who used various backdoors and web shells. The attackers gained access to NERVE, MITRE’s research network, and deployed five unique payloads over several months. MITRE emphasized the importance of secure design, zero trust, and continuous authentication in light of the attack’s aftermath. … Read more

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion

May 7, 2024 at 09:57AM The recent cyber attack on MITRE Corporation, disclosed last month, exploited two zero-day vulnerabilities to target its NERVE research network. The attackers utilized various web shells and backdoors to gain access and maintain control, including deploying a Golang backdoor and conducting data exfiltration. The attack, attributed to a China-nexus cyber … Read more

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws

April 22, 2024 at 08:00AM MITRE Corporation was targeted by a nation-state cyber attack exploiting two zero-day flaws in Ivanti Connect Secure appliances, compromising the NERVE network. The attack bypassed multi-factor authentication and moved laterally to breach VMware infrastructure. MITRE contained the incident and attributed the attack to a nation-state actor, urging for improved cybersecurity … Read more