MITRE revealed that a foreign state-sponsored threat actor hacked it a few months ago. The attack targeted MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE) for research, development, and prototyping.
The hackers exploited two Ivanti Connect Secure VPN device zero-day vulnerabilities for initial access and bypassed MITRE’s multi-factor authentication system using session hijacking. MITRE’s investigation is ongoing, but there is no evidence that the incident impacts its core enterprise network or partners’ systems.
Read more: MITRE Hacked by State-Sponsored Group via Ivanti Zero-Days
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.
