MITRE Hit by Chinese Hackers Exploiting Ivanti Zero-Day in Prolonged Breach
May 8, 2024MITRE experienced a security breach starting on December 31, 2023, due to exploited Ivanti zero-day vulnerabilities.
Attackers gained network access using compromised administrative credentials, web shells, and backdoors.
The breach is attributed to a Chinese threat actor, UNC5221.
Data exfiltration by the attackers commenced on January 19 and continued with attempts to access further resources in the following months.
MITRE plans to release further details on the breach and offer detection tools next week.
Summary based on 1 source
Get a daily email with more Cybersecurity stories
Source
Help Net Security • May 8, 2024
MITRE breach details reveal attackers' successes and failures - Help Net Security