MITRE breached by nation-state threat actor via Ivanti zero-days

MITRE has been breached by attackers via two zero-day vulnerabilities in Ivanti's Connect Secure VPN devices.
The attackers have also managed to move laterally and compromise the company network's VMware infrastructure, MITRE confirmed late last week.
The MITRE Corporation is an American not-for-profit organization that manages federally funded research and development centers supporting various US government agencies.
"After detecting suspicious activity on Networked Experimentation, Research, and Virtualization Environment, a collaborative network used for research, development, and prototyping, compromise by a foreign nation-state threat actor was confirmed," the corporation stated on Friday.
"MITRE followed best practices, vendor instructions, and the government's [January] advice to upgrade, replace, and harden our Ivanti system, but we did not detect the lateral movement into our VMware infrastructure. At the time we believed we took all the necessary actions to mitigate the vulnerability, but these actions were clearly insufficient," Clancy and Crumpton said.
The corporation says it was breached by a "nation-state threat actor".
News URL
https://www.helpnetsecurity.com/2024/04/22/mitre-breached/
Related news
- Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282)
- Ivanti warns of new Connect Secure flaw used in zero-day attacks
- Ivanti Connect Secure zero-day exploited since mid-December (CVE-2025-0282)
- Zero-day exploits plague Ivanti Connect Secure appliances for second year running
- Ivanti zero-day attacks infected devices with custom malware
- Zero-Day Vulnerability in Ivanti VPN
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast
- Nominet probes network intrusion linked to Ivanti zero-day exploit
- UK domain registry Nominet confirms breach via Ivanti zero-day
- UK domain registry Nominet breached via Ivanti zero-day