MITRE breach linked to Chinese threat operation

8 May 2024

Chinese cyberespionage operation UNC5221 was disclosed by the MITRE Corporation to being behind the compromise of its Networked Experimentation, Research, and Virtualization Environment facilitated by the exploitation of Ivanti Connect Secure zero-day vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, The Hacker News reports. Intrusions infiltrating MITRE’s NERVE network commenced on New Year’s Eve, with attackers leveraging the Ivanti zero-days to deploy the ROOTROT web shell, which eventually led to the compromise of the organization’s VMware infrastructure and the distribution of the BRICKSTORM backdoor and BEEFLUSH web shell, according to a MITRE report.

Source: SC Magazine

Date:

8 May 2024

Categorie(s):

NEWS

Tag(s):

Chinese, IT, MITRE, Network Security, News

Chinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto Scam19 May 2024
Week in review: New Black Basta’s social engineering campaign, passing the CISSP exam in 6 weeks19 May 2024
Grandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks Worldwide19 May 2024
Enhanced Security for Enterprises: Google Launches Google Threat Intelligence19 May 2024
Hackers Exploiting Docusign With Phishing Attack To Steal Credentials19 May 2024