The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the threat actor creating rogue virtual machines (VMs) within its VMware environment.
"The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access,"
The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023.
The attack, which came to light last month, singled out MITRE's Networked Experimentation, Research, and Virtualization Environment (NERVE) through the exploitation of two Ivanti Connect Secure zero-day
The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024.
The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and prototyping network.
The unknown adversary "performed reconnaissance
Thorough, independent tests are a vital resource for analyzing providerβs capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annualΒ MITRE Engenuity ATT&CK Evaluation.Β
This testing is critical for evaluating vendors because itβs virtually impossible to evaluate cybersecurity vendors based on their own
Login
FreshRSS