MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December 31, 2023. On that day, the attackers deployed a web shell on an external-facing Ivanti Connect Secure VPN appliance by exploiting CVE-2023–46805 and CVE-2024–21887, two zero days whose existence became publicly known in early January, when patches were still unavailable. Tools and techniques used to breach MITRE The attackers leveraged … More

The post MITRE breach details reveal attackers’ successes and failures appeared first on Help Net Security.


Leave a Reply

Your email address will not be published. Required fields are marked *