The incident was detected after suspicious activity was observed on MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network used for research and development. Fortunately, the breach did not impact MITRE’s core enterprise network or its partners’ systems.
The MITRE Corporation
The MITRE Corporation claims that in January 2024, a state-sponsored hacking organization infiltrated its systems by chaining two Ivanti VPN zero-days.
The issue was discovered when suspicious activity was noticed on MITRE’s Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaboration network for research and development.
So far, evidence gathered throughout the inquiry indicates that the breach had no impact on the organization’s core enterprise network or the systems of its partners.
The Breach
MITRE has since alerted affected parties of the incident, contacted appropriate authorities, and is currently attempting to restore “operational alternatives.”
“No organization is immune to this type of cyber attack, not even one that striv
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.