all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN

Add to bookmarks
April 24, 2024, 12:31 p.m. | Livia Gyongyoși

Heimdal Security Blog heimdalsecurity.com

MITRE Corporation announced that state-backed hackers used Ivanti zero-day vulnerabilities to breach their system. The attack happened in January 2024 and impacted MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE). NERVE is an unclassified collaborative network that researchers use. The two Ivanti vulnerabilities were: authentication bypass CVE-2023-46805 command injection CVE-2024-21887 None of them had an […]


The post MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN appeared first on Heimdal Security Blog.

attack authentication authentication bypass breach breached bypass command command injection compromise cve cve-2023-46805 cybersecurity news environment experimentation hackers injection ivanti ivanti vulnerabilities january january 2024 mitre nerve network research researchers state system unclassified virtualization vpn vulnerabilities zero-day zero-days zero-day vulnerabilities

Visit resource

More from heimdalsecurity.com / Heimdal Security Blog

Patch Now! CrushFTP Zero-day Lets Attackers Download System Files 1 week, 2 days ago | heimdalsecurity.com
attackers critical crushftp customers +22
MITRE Breached – Hackers Chained 2 Ivanti Zero-days to Compromise VPN 1 week, 3 days ago | heimdalsecurity.com
attack authentication authentication bypass breach +30
A System Administrator’s Challenges in Patch Management 1 week, 3 days ago | heimdalsecurity.com
administrator alex benefits challenges +13
Free and Downloadable Account Management Policy Template 1 week, 4 days ago | heimdalsecurity.com
account accounts business data +16
Atera vs. ConnectWise: Head-to-Head Comparison (And Alternative) 1 week, 4 days ago | heimdalsecurity.com
article atera balance complexity +11
NinjaOne vs. Atera: A Deep Comparison Between the Solutions 2 weeks, 1 day ago | heimdalsecurity.com
atera business critical customers +22
Deceptive Google Ads Mimic IP Scanner Software to Push Backdoor 2 weeks, 1 day ago | heimdalsecurity.com
ads backdoor campaign cybersecurity +16
CrowdStrike vs. SentinelOne: Which One Is Better For Endpoint Security? 2 weeks, 1 day ago | heimdalsecurity.com
business can crowdstrike cybersecurity +13
Surge in Botnets Exploiting CVE-2023-1389 to Infect TP-Link Archer Routers 2 weeks, 2 days ago | heimdalsecurity.com
bleeping computer botnet botnets command +24

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US
View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site
View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1
View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States
View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote
View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON
View on infosec-jobs.com
View more jobs