MITRE says state hackers breached its network via Ivanti zero-days
The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. [...]
Stay informed on the latest hacking trends, threats, and prevention strategies in cyber security with insightful articles and updates.
Search across headline titles and summaries.
Background for this topic.
Hacking is the use of technical methods to access, alter, disrupt, or examine computer systems and data, either with authorization or without it. In security reporting, the term usually covers unauthorized exploitation of software flaws, exposed services, weak credentials, misconfigurations, and sometimes human trust through phishing or other social engineering.
Its security significance depends on the attacker’s access and objective: a compromised internet-facing system may enable data theft, unauthorized changes, or movement into other systems, while a benign penetration test can reveal the same weaknesses before they are abused. Defenders reduce exposure through timely vulnerability management, secure configuration, strong authentication, network and endpoint monitoring, and tested incident-response procedures. Useful reporting distinguishes confirmed compromise from attempted or suspected activity and identifies the exploited entry point, affected assets, and whether access was contained.
The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days. [...]
Also: Omni Hack Exposed Customer Data; More Ivanti Vulnerabilities Come to LightThis week, police disrupted the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities found, Moldovan botnet operator faces U.S. charges, Cisco warned of a data breach in Duo and a Spanish Guardia Civil contractor suffered a ransomware attack.
Also: Omni Hack Exposed Customer Data and More Ivanti VulnerabilitiesThis week, police took down the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities, a Moldovan botnet operators faces U.S. charges, Cisco warned of data breach in Duo and a Spanish Guardia Civil contractor suffered a ransomware attack.
Hacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers WarnCybersecurity experts and top lawmakers are warning that a successful cyberattack targeting federally-regulated dams across the United States - the majority of which have not received a cyber audit - could result in a severe impact on public health and even mass casualties.
Also: Nebraska Man Steals $3.5 Million of Cloud Services to Mine $1M of CryptoEvery week, ISMG rounds up cybersecurity incidents in digital assets. This week, sentencing in the first-ever conviction for hacking a smart contract, indictment in a million-dollar illicit mining, FTX executive's sentencing, Railgun's money-laundering defense and Uniswap's Wells Notice.
LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. [...]
Centers for Underserved Patients, Resource-Poor Communities Fight for Cyber FundsMichigan's largest federally qualified health center, which treats homeless and underserved patients, is notifying more than 184,000 individuals of a December ransomware attack that compromised their data. The incident reflects the many challenges that under-resourced healthcare groups face.
The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. [...]
At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year. [...]
Russian Cyber Sabotage Unit Sandworm Adopting Advanced Techniques, Mandiant WarnsRussia's preeminent cyber sabotage unit presents "one of the widest and high severity cyber threats globally," warned Mandiant in a Wednesday report. Mandiant newly designated Sandworm as APT44 to differentiate it from another hacking unit it will still track as APT28.
Kapeka Shows Similarities to Russian GRU Hacking Group's GreyEnergy MalwareLikely Russian military intelligence hackers known as Sandworm since at least mid-2022 have deployed a new and highly flexible back door against Eastern European targets, warn security researchers. Security firm WithSecure dubs the backdoor "Kapeka."
The two allegedly sold the Trojan on Hack Forums, allowing other threat actors to gain unauthorized control, disable programs, browse files, record keystrokes, and steal credentials.
For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state's revenue department in 2012 and stealing tax and bank account information for 3.6 million people. The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed.
Orrick Herrington Cyberattack Compromised Clients' Data, Affected Nearly 638,000A global law firm that provides data breach legal services has agreed to an $8 million settlement to resolve a proposed class action lawsuit filed against the firm in the aftermath of its cyberattack last year, which affected some health sector clients and nearly 638,000 individuals.
Experts Warn of Growing Threat From Supply Chain Attacks After High-Profile BreachCybersecurity experts are sounding the alarm over a rise in supply chain attacks targeting the interconnected systems of global corporate giants after the top U.S. cyber agency urged Sisense customers to reset their credentials following an apparent hack.
A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems. [...]