MITRE says state hackers breached its network via Ivanti zero-days
The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. [...]
Stay informed on the latest hacking trends, threats, and prevention strategies in cyber security with insightful articles and updates.
Search across headline titles and summaries.
Background for this topic.
Hacking is the use of technical methods to access, alter, disrupt, or examine computer systems and data, either with authorization or without it. In security reporting, the term usually covers unauthorized exploitation of software flaws, exposed services, weak credentials, misconfigurations, and sometimes human trust through phishing or other social engineering.
Its security significance depends on the attacker’s access and objective: a compromised internet-facing system may enable data theft, unauthorized changes, or movement into other systems, while a benign penetration test can reveal the same weaknesses before they are abused. Defenders reduce exposure through timely vulnerability management, secure configuration, strong authentication, network and endpoint monitoring, and tested incident-response procedures. Useful reporting distinguishes confirmed compromise from attempted or suspected activity and identifies the exploited entry point, affected assets, and whether access was contained.
The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. [...]
LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. [...]
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. [...]
At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year. [...]
A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems. [...]