MITRE Corporation announced that a cyberattack on a nonprofit in late December 2023 exploited zero-day vulnerabilities in Ivanti Connect Secure (ICS) by creating rogue virtual machines (VMs) within its VMware environment. The threat actor, linked to China and tracked by Mandiant as UNC5221, accessed the Networked Experimentation, Research, and Virtualization Environment (NERVE) by exploiting ICS … Read more
MITRE recently shared findings from its own cyberattack in a blog post, revealing how Chinese state-sponsored threat actor UNC5221 used rogue virtual machines (VMs) to avoid detection and establish a permanent presence in MITRE’s VMware environment. The attackers gained initial access using two zero-day attacks against Ivanti Connect Secure in January, with the attack being … Read more
A recent report from MITRE detailed how hackers connected to China utilized VMware to evade detection and maintain persistence in a recent cyberattack. The hackers took advantage of vulnerabilities in VMware software to gain access to networks and deploy malware, allowing them to carry out a sophisticated and sophisticated cyber intrusion. The report highlights the … Read more
MITRE – an organisation set up to “advance national security in new ways” – was breached via a zero day in its Ivanti appliances, with private network NERVE, which hosts a “virtual development environment for all military branches and their respective weapons systems” compromised, in a potentially landmark incident for the US federal and defence … Read more