Security News

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
2024-05-24 16:30

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the...

MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices
2024-05-13 14:29

The MITRE Corporation has officially made available a new threat-modeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a...

MITRE breach details reveal attackers’ successes and failures
2024-05-08 11:06

MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023. Tools and techniques used to breach MITRE. The attackers leveraged the Ivanti zero-days to gain access to the organization's research and prototyping network, from which they performed additional reconnaissance, moved into its VMware environment and exfitrated data.

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion
2024-05-07 12:55

The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023. The attack,...

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024
2024-04-28 08:00

Hackers backdoored Cisco ASA devices via two zero-daysA state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances used on government networks across the globe and use two zero-day vulnerabilities to install backdoors on them, Cisco Talos researchers have shared on Wednesday. How to optimize your bug bounty programsIn this Help Net Security interview, Roy Davis, Manager - Vulnerability Management & Bug Bounty at Zoom, discusses the role bug bounty programs play in identifying security vulnerabilities and facilitating collaboration with researchers.

MITRE breached by nation-state threat actor via Ivanti zero-days
2024-04-22 12:16

MITRE has been breached by attackers via two zero-day vulnerabilities in Ivanti's Connect Secure VPN devices. The attackers have also managed to move laterally and compromise the company network's VMware infrastructure, MITRE confirmed late last week.

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws
2024-04-22 11:05

The MITRE Corporation reported a cyber attack that began in January 2024, involving a nation-state actor exploiting two zero-day vulnerabilities in Ivanti Connect Secure appliances. The attack compromised MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE), which is an unclassified network used for research and prototyping.The attackers used these vulnerabilities to bypass multi-factor authentication and execute arbitrary commands. They gained initial access, moved laterally within the network, and compromised the VMware infrastructure using an administrator account. This allowed them to deploy backdoors and web shells for ongoing access and data extraction.

MITRE admits 'nation state' attackers touched its NERVE R&D operation
2024-04-22 01:57

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

MITRE says state hackers breached its network via Ivanti zero-days
2024-04-19 19:02

The MITRE Corporation says that a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. The incident was discovered after suspicious activity was detected on MITRE's Networked Experimentation, Research, and Virtualization Environment, an unclassified collaborative network used for research and development.

Key MITRE ATT&CK techniques used by cyber attackers
2024-03-15 06:00

The classic tools and techniques adversaries deploy remain consistent-with some notable exceptions. Detections for malicious email forwarding rules rose by nearly 600%, as adversaries compromised email accounts, redirected sensitive communications to archive folders and other places users are unlikely to look, and attempted to modify payroll or wire transfer destinations, rerouting money into the criminal's account.