MITRE revealed a breach in their unclassified collaborative research and development network. The vulnerabilities (CVE-2023-46805 [CVSS 8+] and CVE-2024-21887 [CVSS 9+] were in multiple attacks, before the zero-day vulnerability report. Despite swift action to secure the system following Ivanti and CISA advisories, attackers had already moved laterally into the VMware infrastructure. They employed sophisticated backdoors and webshells for persistence and credential harvesting.
You Might Be Interested In
- Apple’s New Feature: Stolen Device Protection for iPhones
- U.S. Internet Corp Exposed Internal and Customer Emails
- Key Insights Revealed about MGM Resorts Attack
- [Zero-Day] Google’s Urgent Chrome Update
- [CVSS 9+] Critical Juniper Vulnerability: Patch Now!
- Alert: New “RustDoor” Backdoor Targets Apple macOS Devices