Nation-State Hackers Breach MITRE Corp Using Zero-Day Vulnerabilities
On April 22, 2024, the MITRE Corporation reported a serious cyber attack linked to nation-state hackers who exploited two critical zero-day vulnerabilities in Ivanti Connect Secure appliances. The vulnerabilities, CVE-2023-46805 (CVSS 8.2) and CVE-2024-21887 (CVSS 9.1), enabled unauthorized command execution and lateral movement within MITRE's unclassified research network. Attackers managed to bypass multi-factor authentication, leading to the compromise of part of MITRE's VMware infrastructure. Fortunately, the core enterprise network remained secure. This incident highlights the increasing sophistication of nation-state threats and the urgent need for robust cybersecurity measures to protect sensitive research and development environments. (Source: MITRE Corporation Breached by Nation-State Hackers)
Also In Security Today
- Ransomware Hits Omni Hotels: Omni Hotels experienced a significant operational disruption due to a ransomware attack by Daixin, impacting customer data security and IT capabilities. This incident underscores the rising threat of ransomware across various sectors. (Source: Major Cyber Attacks and Data Breaches)
- Exploited Vulnerabilities Surge: A recent report indicates a record high in exploited vulnerabilities this month, with various zero-days being actively targeted, including those affecting Palo Alto's GlobalProtect. The coordinated attack on GlobalProtect has been dubbed "Operation MidnightEclipse." (Source: April 2024 Threat Tracking)
- New CVEs Released: The cybersecurity community continues to address multiple new CVEs, with a focus on patching vulnerabilities that could lead to severe breaches. Organizations are urged to prioritize updates and security measures to mitigate risks.