Hackers Use Rogue VMs to Evade Detection in Recent MITRE Cyberattack
MITRE Corporation announced that a cyberattack on a nonprofit in late December 2023 exploited zero-day vulnerabilities in Ivanti Connect Secure (ICS) by creating rogue virtual machines (VMs) within its VMware environment. The threat actor, linked to China and tracked by Mandiant as UNC5221, accessed the Networked Experimentation, Research, and Virtualization Environment (NERVE) by exploiting ICS … Read more